From dovecot at dovecot.org Fri Nov 4 18:40:07 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 04 Nov 2011 18:40:07 +0200 Subject: dovecot-2.1: eacces_error_get*(): Log if group has r/w permissio... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/b6e5cf112b3e changeset: 13645:b6e5cf112b3e user: Timo Sirainen date: Fri Nov 04 18:50:24 2011 +0200 description: eacces_error_get*(): Log if group has r/w permissions, but we don't belong to it. diffstat: src/lib/eacces-error.c | 132 ++++++++++++++++++++++++++++++++++-------------- 1 files changed, 93 insertions(+), 39 deletions(-) diffs (182 lines): diff -r 1dd992f75906 -r b6e5cf112b3e src/lib/eacces-error.c --- a/src/lib/eacces-error.c Tue Oct 25 22:58:48 2011 +0300 +++ b/src/lib/eacces-error.c Fri Nov 04 18:50:24 2011 +0200 @@ -26,32 +26,41 @@ return FALSE; } -static int test_access(const char *path, int mode, string_t *errmsg) +static void write_eacces_error(string_t *errmsg, const char *path, int mode) { + char c; + + switch (mode) { + case R_OK: + c = 'r'; + break; + case W_OK: + c = 'w'; + break; + case X_OK: + c = 'x'; + break; + default: + i_unreached(); + } + str_printfa(errmsg, " missing +%c perm: %s", c, path); +} + +static int +test_manual_access(const char *path, int access_mode, bool write_eacces, + string_t *errmsg) +{ + const struct group *group; + bool user_not_in_group = FALSE; struct stat st; + int mode; - if (getuid() == geteuid()) { - if (access(path, mode) == 0) - return 0; + if (stat(path, &st) < 0) { + str_printfa(errmsg, " stat(%s) failed: %m", path); + return -1; + } - if (errno != EACCES) { - str_printfa(errmsg, " access(%s, %d) failed: %m", - path, mode); - } - return -1; - } - - /* access() uses real uid, not effective uid. - we'll have to do these checks manually. */ - switch (mode) { - case X_OK: - if (stat(t_strconcat(path, "/test", NULL), &st) == 0) - return 0; - if (errno == ENOENT || errno == ENOTDIR) - return 0; - if (errno != EACCES) - str_printfa(errmsg, " stat(%s/test) failed: %m", path); - return -1; + switch (access_mode) { case R_OK: mode = 04; break; @@ -62,24 +71,77 @@ i_unreached(); } - if (stat(path, &st) < 0) { - str_printfa(errmsg, " stat(%s) failed: %m", path); - return -1; - } - if (st.st_uid == geteuid()) st.st_mode = (st.st_mode & 0700) >> 6; else if (is_in_group(st.st_gid)) st.st_mode = (st.st_mode & 0070) >> 3; - else + else { + if ((((st.st_mode & 0070) >> 3) & mode) != 0) + user_not_in_group = TRUE; st.st_mode = (st.st_mode & 0007); + } if ((st.st_mode & mode) != 0) return 0; + + if (write_eacces) + write_eacces_error(errmsg, path, access_mode); + if (user_not_in_group) { + /* group would have had enough permissions, + but we don't belong to the group */ + str_printfa(errmsg, ", we're not in group %s", + dec2str(st.st_gid)); + group = getgrgid(st.st_gid); + if (group != NULL) + str_printfa(errmsg, "(%s)", group->gr_name); + } errno = EACCES; return -1; } +static int test_access(const char *path, int access_mode, string_t *errmsg) +{ + struct stat st; + + if (getuid() == geteuid()) { + if (access(path, access_mode) == 0) + return 0; + + if (errno == EACCES) { + write_eacces_error(errmsg, path, access_mode); + (void)test_manual_access(path, access_mode, + FALSE, errmsg); + errno = EACCES; + } else { + str_printfa(errmsg, " access(%s, %d) failed: %m", + path, access_mode); + } + return -1; + } + + /* access() uses real uid, not effective uid. + we'll have to do these checks manually. */ + switch (access_mode) { + case X_OK: + if (stat(t_strconcat(path, "/test", NULL), &st) == 0) + return 0; + if (errno == ENOENT || errno == ENOTDIR) + return 0; + if (errno == EACCES) + write_eacces_error(errmsg, path, access_mode); + else + str_printfa(errmsg, " stat(%s/test) failed: %m", path); + return -1; + case R_OK: + case W_OK: + break; + default: + i_unreached(); + } + + return test_manual_access(path, access_mode, TRUE, errmsg); +} + static const char * eacces_error_get_full(const char *func, const char *path, bool creating) { @@ -156,27 +218,19 @@ if (ret == 0) { /* dir is the first parent directory we can stat() */ if (test_access(dir, X_OK, errmsg) < 0) { - if (errno == EACCES) { - str_printfa(errmsg, " missing +x perm: %s", dir); + if (errno == EACCES) missing_mode = 1; - } } else if (creating && test_access(dir, W_OK, errmsg) < 0) { - if (errno == EACCES) { - str_printfa(errmsg, " missing +w perm: %s", dir); + if (errno == EACCES) missing_mode = 2; - } } else if (prev_path == path && test_access(path, R_OK, errmsg) < 0) { - if (errno == EACCES) - str_printfa(errmsg, " missing +r perm: %s", path); } else if (!creating && test_access(path, W_OK, errmsg) < 0) { /* this produces a wrong error if the operation didn't actually need write permissions, but we don't know it here.. */ - if (errno == EACCES) { - str_printfa(errmsg, " missing +w perm: %s", path); + if (errno == EACCES) missing_mode = 4; - } } else { str_append(errmsg, " UNIX perms appear ok " "(ACL/MAC wrong?)"); From dovecot at dovecot.org Fri Nov 4 19:25:09 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 04 Nov 2011 19:25:09 +0200 Subject: dovecot-2.1: fts-lucene: Added whitespace_chars subsetting to ft... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/6d483a22134e changeset: 13646:6d483a22134e user: Timo Sirainen date: Fri Nov 04 19:35:30 2011 +0200 description: fts-lucene: Added whitespace_chars subsetting to fts_lucene. A value of "@." could be useful so that user at domain.tld allows searching user, domain and tld separately instead of requiring the whole string to match. diffstat: src/plugins/fts-lucene/fts-lucene-plugin.c | 12 +++++++-- src/plugins/fts-lucene/fts-lucene-plugin.h | 1 + src/plugins/fts-lucene/lucene-wrapper.cc | 35 ++++++++++++++++++++++++----- 3 files changed, 39 insertions(+), 9 deletions(-) diffs (129 lines): diff -r b6e5cf112b3e -r 6d483a22134e src/plugins/fts-lucene/fts-lucene-plugin.c --- a/src/plugins/fts-lucene/fts-lucene-plugin.c Fri Nov 04 18:50:24 2011 +0200 +++ b/src/plugins/fts-lucene/fts-lucene-plugin.c Fri Nov 04 19:35:30 2011 +0200 @@ -26,6 +26,8 @@ set->textcat_conf = p_strdup(user->pool, *tmp + 13); } else if (strncmp(*tmp, "textcat_dir=", 12) == 0) { set->textcat_dir = p_strdup(user->pool, *tmp + 12); + } else if (strncmp(*tmp, "whitespace_chars=", 17) == 0) { + set->whitespace_chars = p_strdup(user->pool, *tmp + 17); } else { i_error("fts_lucene: Invalid setting: %s", *tmp); return -1; @@ -39,6 +41,8 @@ i_error("fts_lucene: textcat_dir set, but textcat_conf unset"); return -1; } + if (set->whitespace_chars == NULL) + set->whitespace_chars = ""; #ifndef HAVE_LUCENE_STEMMER if (set->default_language != NULL) { i_error("fts_lucene: default_language set, " @@ -61,9 +65,11 @@ uint32_t fts_lucene_settings_checksum(const struct fts_lucene_settings *set) { - /* only the default language change matters */ - return set->default_language == NULL ? 0 : - crc32_str(set->default_language); + uint32_t crc; + + crc = crc32_str(set->default_language); + crc = crc32_str_more(crc, set->whitespace_chars); + return crc; } static void fts_lucene_mail_user_created(struct mail_user *user) diff -r b6e5cf112b3e -r 6d483a22134e src/plugins/fts-lucene/fts-lucene-plugin.h --- a/src/plugins/fts-lucene/fts-lucene-plugin.h Fri Nov 04 18:50:24 2011 +0200 +++ b/src/plugins/fts-lucene/fts-lucene-plugin.h Fri Nov 04 19:35:30 2011 +0200 @@ -11,6 +11,7 @@ struct fts_lucene_settings { const char *default_language; const char *textcat_conf, *textcat_dir; + const char *whitespace_chars; }; struct fts_lucene_user { diff -r b6e5cf112b3e -r 6d483a22134e src/plugins/fts-lucene/lucene-wrapper.cc --- a/src/plugins/fts-lucene/lucene-wrapper.cc Fri Nov 04 18:50:24 2011 +0200 +++ b/src/plugins/fts-lucene/lucene-wrapper.cc Fri Nov 04 19:35:30 2011 +0200 @@ -143,6 +143,21 @@ i_free(index); } +static void lucene_data_translate(struct lucene_index *index, + wchar_t *data, unsigned int len) +{ + const char *whitespace_chars = index->set.whitespace_chars; + unsigned int i; + + if (*whitespace_chars == '\0') + return; + + for (i = 0; i < len; i++) { + if (strchr(whitespace_chars, data[i]) != NULL) + data[i] = ' '; + } +} + void lucene_utf8_n_to_tchar(const unsigned char *src, size_t srcsize, wchar_t *dest, size_t destsize) { @@ -159,10 +174,14 @@ dest[destsize-1] = 0; } -static const wchar_t *t_lucene_utf8_to_tchar(const char *str) +static const wchar_t * +t_lucene_utf8_to_tchar(struct lucene_index *index, + const char *str, bool translate) { ARRAY_TYPE(unichars) dest_arr; - const unichar_t *ret; + const unichar_t *chars; + wchar_t *ret; + unsigned int len; i_assert(sizeof(wchar_t) == sizeof(unichar_t)); @@ -170,8 +189,11 @@ if (uni_utf8_to_ucs4(str, &dest_arr) < 0) i_unreached(); (void)array_append_space(&dest_arr); - ret = array_idx(&dest_arr, 0); - return (const wchar_t *)ret; + + chars = array_get_modifiable(&dest_arr, &len); + ret = (wchar_t *)chars; + lucene_data_translate(index, ret, len - 1); + return ret; } void lucene_index_select_mailbox(struct lucene_index *index, @@ -478,6 +500,7 @@ datasize = uni_utf8_strlen_n(data, size) + 1; wchar_t dest[datasize]; lucene_utf8_n_to_tchar(data, size, dest, datasize); + lucene_data_translate(index, dest, datasize); if (hdr_name != NULL) { /* hdr_name should be ASCII, but don't break in case it isn't */ @@ -1010,7 +1033,7 @@ lucene_get_query_str(struct lucene_index *index, const TCHAR *key, const char *str, bool fuzzy) { - const TCHAR *wvalue = t_lucene_utf8_to_tchar(str); + const TCHAR *wvalue = t_lucene_utf8_to_tchar(index, str, TRUE); Analyzer *analyzer = guess_analyzer(index, str, strlen(str)); if (analyzer == NULL) analyzer = index->default_analyzer; @@ -1067,7 +1090,7 @@ } q = lucene_get_query(index, - t_lucene_utf8_to_tchar(arg->hdr_field_name), + t_lucene_utf8_to_tchar(index, arg->hdr_field_name, FALSE), arg); break; default: From dovecot at dovecot.org Fri Nov 4 19:42:07 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 04 Nov 2011 19:42:07 +0200 Subject: dovecot-2.1: doveadm dump index: Dump also mime.parts decoded. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/9f739df97593 changeset: 13647:9f739df97593 user: Timo Sirainen date: Fri Nov 04 19:52:26 2011 +0200 description: doveadm dump index: Dump also mime.parts decoded. diffstat: src/doveadm/doveadm-dump-index.c | 39 +++++++++++++++++++++++++++++++++++++++ 1 files changed, 39 insertions(+), 0 deletions(-) diffs (63 lines): diff -r 6d483a22134e -r 9f739df97593 src/doveadm/doveadm-dump-index.c --- a/src/doveadm/doveadm-dump-index.c Fri Nov 04 19:35:30 2011 +0200 +++ b/src/doveadm/doveadm-dump-index.c Fri Nov 04 19:52:26 2011 +0200 @@ -5,6 +5,8 @@ #include "str.h" #include "hex-binary.h" #include "file-lock.h" +#include "message-parser.h" +#include "message-part-serialize.h" #include "mail-index-private.h" #include "mail-cache-private.h" #include "mail-cache-private.h" @@ -346,6 +348,41 @@ } } +static void dump_message_part(string_t *str, const struct message_part *part) +{ + for (; part != NULL; part = part->next) { + str_append_c(str, '('); + str_printfa(str, "pos=%"PRIuUOFF_T" ", part->physical_pos); + str_printfa(str, "hdr.p=%"PRIuUOFF_T" ", part->header_size.physical_size); + str_printfa(str, "hdr.v=%"PRIuUOFF_T" ", part->header_size.virtual_size); + str_printfa(str, "body.p=%"PRIuUOFF_T" ", part->body_size.physical_size); + str_printfa(str, "body.v=%"PRIuUOFF_T" ", part->body_size.virtual_size); + str_printfa(str, "flags=%x", part->flags); + if (part->children != NULL) { + str_append_c(str, ' '); + dump_message_part(str, part->children); + } + str_append_c(str, ')'); + } +} + +static void +dump_cache_mime_parts(string_t *str, const void *data, unsigned int size) +{ + const struct message_part *part; + const char *error; + + str_append_c(str, ' '); + + part = message_part_deserialize(pool_datastack_create(), data, size, &error); + if (part == NULL) { + str_printfa(str, "error: %s", error); + return; + } + + dump_message_part(str, part); +} + static void dump_cache(struct mail_cache_view *cache_view, unsigned int seq) { struct mail_cache_lookup_iterate_ctx iter; @@ -387,6 +424,8 @@ case MAIL_CACHE_FIELD_VARIABLE_SIZE: case MAIL_CACHE_FIELD_BITMASK: str_printfa(str, "(%s)", binary_to_hex(data, size)); + if (strcmp(field->name, "mime.parts") == 0) + dump_cache_mime_parts(str, data, size); break; case MAIL_CACHE_FIELD_STRING: if (size > 0) From dovecot at dovecot.org Fri Nov 4 20:01:17 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 04 Nov 2011 20:01:17 +0200 Subject: dovecot-2.1: anvil: Handle crash restarts without failing comple... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/926a7ceeaa10 changeset: 13648:926a7ceeaa10 user: Timo Sirainen date: Fri Nov 04 20:11:39 2011 +0200 description: anvil: Handle crash restarts without failing completely. diffstat: src/anvil/anvil-connection.c | 7 ++++++- src/anvil/common.h | 1 + src/anvil/main.c | 3 +++ src/master/service-anvil.c | 1 + src/master/service-anvil.h | 2 ++ src/master/service-process.c | 4 ++++ 6 files changed, 17 insertions(+), 1 deletions(-) diffs (89 lines): diff -r 9f739df97593 -r 926a7ceeaa10 src/anvil/anvil-connection.c --- a/src/anvil/anvil-connection.c Fri Nov 04 19:52:26 2011 +0200 +++ b/src/anvil/anvil-connection.c Fri Nov 04 20:11:39 2011 +0200 @@ -150,8 +150,13 @@ if (!version_string_verify(line, "anvil", ANVIL_CLIENT_PROTOCOL_MAJOR_VERSION)) { + if (anvil_restarted && (conn->master || conn->fifo)) { + /* old pending data. ignore input until we get + the handshake. */ + return anvil_connection_input(context); + } i_error("Anvil client not compatible with this server " - "(mixed old and new binaries?)"); + "(mixed old and new binaries?) %s", line); anvil_connection_destroy(conn); return; } diff -r 9f739df97593 -r 926a7ceeaa10 src/anvil/common.h --- a/src/anvil/common.h Fri Nov 04 19:52:26 2011 +0200 +++ b/src/anvil/common.h Fri Nov 04 20:11:39 2011 +0200 @@ -5,5 +5,6 @@ extern struct connect_limit *connect_limit; extern struct penalty *penalty; +extern bool anvil_restarted; #endif diff -r 9f739df97593 -r 926a7ceeaa10 src/anvil/main.c --- a/src/anvil/main.c Fri Nov 04 19:52:26 2011 +0200 +++ b/src/anvil/main.c Fri Nov 04 20:11:39 2011 +0200 @@ -13,10 +13,12 @@ #include "penalty.h" #include "anvil-connection.h" +#include #include struct connect_limit *connect_limit; struct penalty *penalty; +bool anvil_restarted; static struct io *log_fdpass_io; static void client_connected(struct master_service_connection *conn) @@ -65,6 +67,7 @@ restrict_access_by_env(NULL, FALSE); restrict_access_allow_coredumps(TRUE); + anvil_restarted = getenv("ANVIL_RESTARTED") != NULL; /* delay dying until all of our clients are gone */ master_service_set_die_with_master(master_service, FALSE); diff -r 9f739df97593 -r 926a7ceeaa10 src/master/service-anvil.c --- a/src/master/service-anvil.c Fri Nov 04 19:52:26 2011 +0200 +++ b/src/master/service-anvil.c Fri Nov 04 20:11:39 2011 +0200 @@ -125,6 +125,7 @@ if (service_anvil_global->pid == process->pid) service_anvil_global->pid = 0; + service_anvil_global->restarted = TRUE; } void service_anvil_send_log_fd(void) diff -r 9f739df97593 -r 926a7ceeaa10 src/master/service-anvil.h --- a/src/master/service-anvil.h Fri Nov 04 19:52:26 2011 +0200 +++ b/src/master/service-anvil.h Fri Nov 04 20:11:39 2011 +0200 @@ -17,6 +17,8 @@ struct io *io_blocking, *io_nonblocking; unsigned int process_count; + /* anvil crashed and we're now restarting it */ + bool restarted; }; extern struct service_anvil_global *service_anvil_global; diff -r 9f739df97593 -r 926a7ceeaa10 src/master/service-process.c --- a/src/master/service-process.c Fri Nov 04 19:52:26 2011 +0200 +++ b/src/master/service-process.c Fri Nov 04 20:11:39 2011 +0200 @@ -188,6 +188,10 @@ master_service_env_clean(); switch (service->type) { + case SERVICE_TYPE_ANVIL: + if (service_anvil_global->restarted) + env_put("ANVIL_RESTARTED=1"); + break; case SERVICE_TYPE_CONFIG: env_put(t_strconcat(MASTER_CONFIG_FILE_ENV"=", service->config_file_path, NULL)); From dovecot at dovecot.org Fri Nov 4 20:26:06 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 04 Nov 2011 20:26:06 +0200 Subject: dovecot-2.1: lib-storage: Added MAILBOX_LIST_FLAG_OPTIONAL_BOXES... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/64ca27392217 changeset: 13649:64ca27392217 user: Timo Sirainen date: Fri Nov 04 20:36:06 2011 +0200 description: lib-storage: Added MAILBOX_LIST_FLAG_OPTIONAL_BOXES flag. diffstat: src/lib-storage/list/mailbox-list-fs.c | 58 ++++++++++++++++------------ src/lib-storage/list/mailbox-list-maildir.c | 13 +++--- src/lib-storage/mailbox-list.h | 6 ++- 3 files changed, 45 insertions(+), 32 deletions(-) diffs (126 lines): diff -r 926a7ceeaa10 -r 64ca27392217 src/lib-storage/list/mailbox-list-fs.c --- a/src/lib-storage/list/mailbox-list-fs.c Fri Nov 04 20:11:39 2011 +0200 +++ b/src/lib-storage/list/mailbox-list-fs.c Fri Nov 04 20:36:06 2011 +0200 @@ -316,46 +316,54 @@ return t_strdup_printf("%s/"MAILBOX_LIST_FS_TRASH_DIR_NAME, root_dir); } -static int fs_list_delete_mailbox(struct mailbox_list *list, const char *name) +static int +fs_list_delete_maildir(struct mailbox_list *list, const char *name) { const char *path, *trash_dir; - int ret = 0; - - if ((list->flags & MAILBOX_LIST_FLAG_MAILBOX_FILES) != 0) { - if (mailbox_list_delete_mailbox_file(list, name) < 0) - return -1; - ret = 1; - } + bool rmdir_path; + int ret; if (*list->set.maildir_name != '\0' && - *list->set.mailbox_dir_name != '\0' && ret == 0) { + *list->set.mailbox_dir_name != '\0') { trash_dir = mailbox_list_fs_get_trash_dir(list); ret = mailbox_list_delete_maildir_via_trash(list, name, trash_dir); if (ret < 0) return -1; - /* try to delete the parent directory */ - path = mailbox_list_get_path(list, name, - MAILBOX_LIST_PATH_TYPE_DIR); - if (rmdir(path) < 0 && errno != ENOENT && - errno != ENOTEMPTY && errno != EEXIST) { - mailbox_list_set_critical(list, "rmdir(%s) failed: %m", - path); + if (ret > 0) { + /* try to delete the parent directory */ + path = mailbox_list_get_path(list, name, + MAILBOX_LIST_PATH_TYPE_DIR); + if (rmdir(path) < 0 && errno != ENOENT && + errno != ENOTEMPTY && errno != EEXIST) { + mailbox_list_set_critical(list, + "rmdir(%s) failed: %m", path); + } + return 0; } } - if (ret == 0) { - bool rmdir_path = *list->set.maildir_name != '\0'; + rmdir_path = *list->set.maildir_name != '\0'; + path = mailbox_list_get_path(list, name, + MAILBOX_LIST_PATH_TYPE_MAILBOX); + return mailbox_list_delete_mailbox_nonrecursive(list, name, path, + rmdir_path); +} - path = mailbox_list_get_path(list, name, - MAILBOX_LIST_PATH_TYPE_MAILBOX); - if (mailbox_list_delete_mailbox_nonrecursive(list, name, path, - rmdir_path) < 0) - return -1; +static int fs_list_delete_mailbox(struct mailbox_list *list, const char *name) +{ + int ret; + + if ((list->flags & MAILBOX_LIST_FLAG_MAILBOX_FILES) != 0) { + ret = mailbox_list_delete_mailbox_file(list, name); + } else { + ret = fs_list_delete_maildir(list, name); } - mailbox_list_delete_finish(list, name); - return 0; + + if (ret == 0 || (list->flags & MAILBOX_LIST_FLAG_OPTIONAL_BOXES) != 0) + mailbox_list_delete_finish(list, name); + return ret; } static int fs_list_rmdir(struct mailbox_list *list, const char *name, diff -r 926a7ceeaa10 -r 64ca27392217 src/lib-storage/list/mailbox-list-maildir.c --- a/src/lib-storage/list/mailbox-list-maildir.c Fri Nov 04 20:11:39 2011 +0200 +++ b/src/lib-storage/list/mailbox-list-maildir.c Fri Nov 04 20:36:06 2011 +0200 @@ -402,16 +402,17 @@ static int maildir_list_delete_mailbox(struct mailbox_list *list, const char *name) { + int ret; + if ((list->flags & MAILBOX_LIST_FLAG_MAILBOX_FILES) != 0) { - if (mailbox_list_delete_mailbox_file(list, name) < 0) - return -1; + ret = mailbox_list_delete_mailbox_file(list, name); } else { - if (maildir_list_delete_maildir(list, name) < 0) - return -1; + ret = maildir_list_delete_maildir(list, name); } - mailbox_list_delete_finish(list, name); - return 0; + if (ret == 0 || (list->flags & MAILBOX_LIST_FLAG_OPTIONAL_BOXES) != 0) + mailbox_list_delete_finish(list, name); + return ret; } static int maildir_list_delete_dir(struct mailbox_list *list, const char *name) diff -r 926a7ceeaa10 -r 64ca27392217 src/lib-storage/mailbox-list.h --- a/src/lib-storage/mailbox-list.h Fri Nov 04 20:11:39 2011 +0200 +++ b/src/lib-storage/mailbox-list.h Fri Nov 04 20:36:06 2011 +0200 @@ -32,7 +32,11 @@ MAILBOX_LIST_FLAG_MAILBOX_FILES = 0x01, /* Namespace already has a mailbox list, don't assign this mailbox list to it. */ - MAILBOX_LIST_FLAG_SECONDARY = 0x02 + MAILBOX_LIST_FLAG_SECONDARY = 0x02, + /* Don't assume that just because a mailbox directory doesn't exist + its index/control directories don't exist (e.g. this is index-only + mailbox list) */ + MAILBOX_LIST_FLAG_OPTIONAL_BOXES = 0x04 }; enum mailbox_info_flags { From dovecot at dovecot.org Fri Nov 4 20:26:06 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 04 Nov 2011 20:26:06 +0200 Subject: dovecot-2.1: imapc: Index files weren't deleted when mailbox was... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/a79c256b361e changeset: 13650:a79c256b361e user: Timo Sirainen date: Fri Nov 04 20:36:28 2011 +0200 description: imapc: Index files weren't deleted when mailbox was deleted. diffstat: src/lib-storage/index/imapc/imapc-list.c | 9 ++++++++- 1 files changed, 8 insertions(+), 1 deletions(-) diffs (32 lines): diff -r 64ca27392217 -r a79c256b361e src/lib-storage/index/imapc/imapc-list.c --- a/src/lib-storage/index/imapc/imapc-list.c Fri Nov 04 20:36:06 2011 +0200 +++ b/src/lib-storage/index/imapc/imapc-list.c Fri Nov 04 20:36:28 2011 +0200 @@ -213,7 +213,8 @@ list_set.escape_char = '%'; if (mailbox_list_create(list_set.layout, list->list.ns, - &list_set, MAILBOX_LIST_FLAG_SECONDARY, + &list_set, MAILBOX_LIST_FLAG_SECONDARY | + MAILBOX_LIST_FLAG_OPTIONAL_BOXES, &list->index_list, &error) < 0) { i_error("imapc: Couldn't create %s mailbox list: %s", list_set.layout, error); @@ -505,12 +506,18 @@ imapc_list_delete_mailbox(struct mailbox_list *_list, const char *name) { struct imapc_mailbox_list *list = (struct imapc_mailbox_list *)_list; + struct mailbox_list *fs_list = imapc_list_get_fs(list); struct imapc_command *cmd; struct imapc_simple_context ctx; cmd = imapc_list_simple_context_init(&ctx, list); imapc_command_sendf(cmd, "DELETE %s", name); imapc_simple_run(&ctx); + + if (fs_list != NULL && ctx.ret == 0) { + name = imapc_list_get_fs_name(list, name); + (void)fs_list->v.delete_mailbox(fs_list, name); + } return ctx.ret; } From dovecot at dovecot.org Fri Nov 4 21:10:59 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 04 Nov 2011 21:10:59 +0200 Subject: dovecot-2.1: imapc: Don't use separate indexes/ directory anymor... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/7e1981ecbe40 changeset: 13652:7e1981ecbe40 user: Timo Sirainen date: Fri Nov 04 21:20:19 2011 +0200 description: imapc: Don't use separate indexes/ directory anymore. Fixes/cleanups to make it possible. diffstat: src/lib-storage/index/imapc/imapc-list.c | 31 +++++++++++++--------------- src/lib-storage/index/imapc/imapc-storage.c | 1 + src/lib-storage/index/imapc/imapc-storage.h | 1 + src/lib-storage/list/mailbox-list-fs.c | 2 +- src/lib-storage/list/mailbox-list-maildir.c | 2 +- src/lib-storage/mailbox-list.c | 11 ++++++++- src/lib-storage/mailbox-list.h | 10 +++----- 7 files changed, 31 insertions(+), 27 deletions(-) diffs (161 lines): diff -r ebdb1d51ea14 -r 7e1981ecbe40 src/lib-storage/index/imapc/imapc-list.c --- a/src/lib-storage/index/imapc/imapc-list.c Fri Nov 04 21:17:09 2011 +0200 +++ b/src/lib-storage/index/imapc/imapc-list.c Fri Nov 04 21:20:19 2011 +0200 @@ -205,16 +205,11 @@ } else if (list->index_list == NULL && !list->index_list_failed) { memset(&list_set, 0, sizeof(list_set)); list_set.layout = MAILBOX_LIST_NAME_MAILDIRPLUSPLUS; - /* the root dir shouldn't actually ever be used. we just need - it to be different from index_dir so the index directories - get autocreated */ list_set.root_dir = dir; - list_set.index_dir = t_strconcat(dir, "/indexes", NULL); - list_set.escape_char = '%'; + list_set.escape_char = IMAPC_LIST_ESCAPE_CHAR; if (mailbox_list_create(list_set.layout, list->list.ns, - &list_set, MAILBOX_LIST_FLAG_SECONDARY | - MAILBOX_LIST_FLAG_OPTIONAL_BOXES, + &list_set, MAILBOX_LIST_FLAG_SECONDARY, &list->index_list, &error) < 0) { i_error("imapc: Couldn't create %s mailbox list: %s", list_set.layout, error); @@ -589,16 +584,18 @@ i_assert(list->sep != '\0'); vname = mailbox_list_default_get_vname(_list, name); - node = mailbox_tree_lookup(list->mailboxes, vname); - if (node != NULL) - node->flags |= MAILBOX_NONEXISTENT; + if (!list->refreshed_mailboxes) { + node = mailbox_tree_lookup(list->mailboxes, vname); + if (node != NULL) + node->flags |= MAILBOX_NONEXISTENT; - /* refresh the mailbox flags */ - cmd = imapc_list_simple_context_init(&sctx, list); - imapc_command_sendf(cmd, "LIST \"\" %s", name); - imapc_simple_run(&sctx); - if (sctx.ret < 0) - return -1; + /* refresh the mailbox flags */ + cmd = imapc_list_simple_context_init(&sctx, list); + imapc_command_sendf(cmd, "LIST \"\" %s", name); + imapc_simple_run(&sctx); + if (sctx.ret < 0) + return -1; + } node = mailbox_tree_lookup(list->mailboxes, vname); if (node == NULL) @@ -610,7 +607,7 @@ struct mailbox_list imapc_mailbox_list = { .name = MAILBOX_LIST_NAME_IMAPC, - .props = MAILBOX_LIST_PROP_NO_ROOT, + .props = MAILBOX_LIST_PROP_NO_ROOT | MAILBOX_LIST_PROP_AUTOCREATE_DIRS, .mailbox_name_max_length = MAILBOX_LIST_NAME_MAX_LENGTH, { diff -r ebdb1d51ea14 -r 7e1981ecbe40 src/lib-storage/index/imapc/imapc-storage.c --- a/src/lib-storage/index/imapc/imapc-storage.c Fri Nov 04 21:17:09 2011 +0200 +++ b/src/lib-storage/index/imapc/imapc-storage.c Fri Nov 04 21:20:19 2011 +0200 @@ -288,6 +288,7 @@ struct mailbox_list_settings *set) { set->layout = MAILBOX_LIST_NAME_IMAPC; + set->escape_char = IMAPC_LIST_ESCAPE_CHAR; } static struct mailbox * diff -r ebdb1d51ea14 -r 7e1981ecbe40 src/lib-storage/index/imapc/imapc-storage.h --- a/src/lib-storage/index/imapc/imapc-storage.h Fri Nov 04 21:17:09 2011 +0200 +++ b/src/lib-storage/index/imapc/imapc-storage.h Fri Nov 04 21:20:19 2011 +0200 @@ -5,6 +5,7 @@ #define IMAPC_STORAGE_NAME "imapc" #define IMAPC_INDEX_PREFIX "dovecot.index" +#define IMAPC_LIST_ESCAPE_CHAR '%' struct imap_arg; struct imapc_untagged_reply; diff -r ebdb1d51ea14 -r 7e1981ecbe40 src/lib-storage/list/mailbox-list-fs.c --- a/src/lib-storage/list/mailbox-list-fs.c Fri Nov 04 21:17:09 2011 +0200 +++ b/src/lib-storage/list/mailbox-list-fs.c Fri Nov 04 21:20:19 2011 +0200 @@ -361,7 +361,7 @@ ret = fs_list_delete_maildir(list, name); } - if (ret == 0 || (list->flags & MAILBOX_LIST_FLAG_OPTIONAL_BOXES) != 0) + if (ret == 0 || (list->props & MAILBOX_LIST_PROP_AUTOCREATE_DIRS) != 0) mailbox_list_delete_finish(list, name); return ret; } diff -r ebdb1d51ea14 -r 7e1981ecbe40 src/lib-storage/list/mailbox-list-maildir.c --- a/src/lib-storage/list/mailbox-list-maildir.c Fri Nov 04 21:17:09 2011 +0200 +++ b/src/lib-storage/list/mailbox-list-maildir.c Fri Nov 04 21:20:19 2011 +0200 @@ -410,7 +410,7 @@ ret = maildir_list_delete_maildir(list, name); } - if (ret == 0 || (list->flags & MAILBOX_LIST_FLAG_OPTIONAL_BOXES) != 0) + if (ret == 0 || (list->props & MAILBOX_LIST_PROP_AUTOCREATE_DIRS) != 0) mailbox_list_delete_finish(list, name); return ret; } diff -r ebdb1d51ea14 -r 7e1981ecbe40 src/lib-storage/mailbox-list.c --- a/src/lib-storage/mailbox-list.c Fri Nov 04 21:17:09 2011 +0200 +++ b/src/lib-storage/mailbox-list.c Fri Nov 04 21:20:19 2011 +0200 @@ -1307,7 +1307,9 @@ enum mailbox_existence existence; int ret; - box = mailbox_alloc(list, "INBOX", 0); + /* kludge: with imapc backend we can get here with + list=Maildir++ (for indexes), but list->ns->list=imapc */ + box = mailbox_alloc(list->ns->list, "INBOX", 0); ret = mailbox_exists(box, FALSE, &existence); mailbox_free(&box); if (ret < 0) { @@ -1730,8 +1732,13 @@ MAILBOX_LIST_PATH_TYPE_MAILBOX); index_dir = mailbox_list_get_path(list, name, MAILBOX_LIST_PATH_TYPE_INDEX); - if (*index_dir == '\0' || strcmp(index_dir, root_dir) == 0) + if (*index_dir == '\0') return 0; + if (strcmp(index_dir, root_dir) == 0) { + if ((list->props & MAILBOX_LIST_PROP_AUTOCREATE_DIRS) == 0) + return 0; + /* the directory might not have been created yet */ + } if (name == NULL) { return mailbox_list_mkdir_root(list, index_dir, diff -r ebdb1d51ea14 -r 7e1981ecbe40 src/lib-storage/mailbox-list.h --- a/src/lib-storage/mailbox-list.h Fri Nov 04 21:17:09 2011 +0200 +++ b/src/lib-storage/mailbox-list.h Fri Nov 04 21:20:19 2011 +0200 @@ -24,7 +24,9 @@ /* no support for \noselect directories, only mailboxes */ MAILBOX_LIST_PROP_NO_NOSELECT = 0x04, /* mail root directory isn't required */ - MAILBOX_LIST_PROP_NO_ROOT = 0x08 + MAILBOX_LIST_PROP_NO_ROOT = 0x08, + /* Automatically create mailbox directories when needed */ + MAILBOX_LIST_PROP_AUTOCREATE_DIRS = 0x10 }; enum mailbox_list_flags { @@ -32,11 +34,7 @@ MAILBOX_LIST_FLAG_MAILBOX_FILES = 0x01, /* Namespace already has a mailbox list, don't assign this mailbox list to it. */ - MAILBOX_LIST_FLAG_SECONDARY = 0x02, - /* Don't assume that just because a mailbox directory doesn't exist - its index/control directories don't exist (e.g. this is index-only - mailbox list) */ - MAILBOX_LIST_FLAG_OPTIONAL_BOXES = 0x04 + MAILBOX_LIST_FLAG_SECONDARY = 0x02 }; enum mailbox_info_flags { From dovecot at dovecot.org Fri Nov 4 21:10:58 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 04 Nov 2011 21:10:58 +0200 Subject: dovecot-2.1: imapc: If rawlog directory doesn't exist, silently ... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/ebdb1d51ea14 changeset: 13651:ebdb1d51ea14 user: Timo Sirainen date: Fri Nov 04 21:17:09 2011 +0200 description: imapc: If rawlog directory doesn't exist, silently ignore it. diffstat: src/lib-imap-client/imapc-connection.c | 8 ++++++-- 1 files changed, 6 insertions(+), 2 deletions(-) diffs (39 lines): diff -r a79c256b361e -r ebdb1d51ea14 src/lib-imap-client/imapc-connection.c --- a/src/lib-imap-client/imapc-connection.c Fri Nov 04 20:36:28 2011 +0200 +++ b/src/lib-imap-client/imapc-connection.c Fri Nov 04 21:17:09 2011 +0200 @@ -1150,6 +1150,7 @@ static int imapc_connection_ssl_init(struct imapc_connection *conn) { struct ssl_iostream_settings ssl_set; + struct stat st; const char *source; if (conn->client->ssl_ctx == NULL) { @@ -1194,7 +1195,8 @@ return -1; } - if (*conn->client->set.rawlog_dir != '\0') { + if (*conn->client->set.rawlog_dir != '\0' && + stat(conn->client->set.rawlog_dir, &st) == 0) { (void)iostream_rawlog_create(conn->client->set.rawlog_dir, &conn->input, &conn->output); } @@ -1268,6 +1270,7 @@ static void imapc_connection_connect_next_ip(struct imapc_connection *conn) { const struct ip_addr *ip; + struct stat st; int fd; conn->prev_connect_idx = (conn->prev_connect_idx+1) % conn->ips_count; @@ -1282,7 +1285,8 @@ conn->output = conn->raw_output = o_stream_create_fd(fd, (size_t)-1, FALSE); if (*conn->client->set.rawlog_dir != '\0' && - conn->client->set.ssl_mode != IMAPC_CLIENT_SSL_MODE_IMMEDIATE) { + conn->client->set.ssl_mode != IMAPC_CLIENT_SSL_MODE_IMMEDIATE && + stat(conn->client->set.rawlog_dir, &st) == 0) { (void)iostream_rawlog_create(conn->client->set.rawlog_dir, &conn->input, &conn->output); } From dovecot at dovecot.org Fri Nov 4 21:10:59 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 04 Nov 2011 21:10:59 +0200 Subject: dovecot-2.1: imapc: When doing a LIST, delete any extra local ma... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/0103b917fa0c changeset: 13653:0103b917fa0c user: Timo Sirainen date: Fri Nov 04 21:21:11 2011 +0200 description: imapc: When doing a LIST, delete any extra local mailbox (index) directories. diffstat: src/lib-storage/index/imapc/imapc-list.c | 27 ++++++++++++++++++++++++++- 1 files changed, 26 insertions(+), 1 deletions(-) diffs (45 lines): diff -r 7e1981ecbe40 -r 0103b917fa0c src/lib-storage/index/imapc/imapc-list.c --- a/src/lib-storage/index/imapc/imapc-list.c Fri Nov 04 21:20:19 2011 +0200 +++ b/src/lib-storage/index/imapc/imapc-list.c Fri Nov 04 21:21:11 2011 +0200 @@ -283,6 +283,29 @@ imapc_list_simple_callback, ctx); } +static void imapc_list_delete_unused_indexes(struct imapc_mailbox_list *list) +{ + struct mailbox_list *fs_list = imapc_list_get_fs(list); + struct mailbox_list_iterate_context *iter; + const struct mailbox_info *info; + const char *fs_name; + + if (fs_list == NULL) + return; + + iter = mailbox_list_iter_init(fs_list, "*", + MAILBOX_LIST_ITER_NO_AUTO_BOXES | + MAILBOX_LIST_ITER_RETURN_NO_FLAGS); + while ((info = mailbox_list_iter_next(iter)) != NULL) { + if (mailbox_tree_lookup(list->mailboxes, info->name) == NULL) { + fs_name = mailbox_list_get_storage_name(fs_list, + info->name); + (void)fs_list->v.delete_mailbox(fs_list, fs_name); + } + } + (void)mailbox_list_iter_deinit(&iter); +} + static int imapc_list_refresh(struct imapc_mailbox_list *list) { struct imapc_command *cmd; @@ -299,8 +322,10 @@ list->mailboxes = mailbox_tree_init(list->sep); imapc_simple_run(&ctx); - if (ctx.ret == 0) + if (ctx.ret == 0) { list->refreshed_mailboxes = TRUE; + imapc_list_delete_unused_indexes(list); + } return ctx.ret; } From dovecot at dovecot.org Fri Nov 4 23:50:30 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 04 Nov 2011 23:50:30 +0200 Subject: dovecot-2.0: lmtp: Changed default client_limit to 1. Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/9d8e51404745 changeset: 12953:9d8e51404745 user: Timo Sirainen date: Sat Nov 05 00:00:49 2011 +0200 description: lmtp: Changed default client_limit to 1. LMTP processes can wait a long time on disk I/O, so a single process will be busy waiting long before it reaches default_client_limit (100). diffstat: src/lmtp/lmtp-settings.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diffs (12 lines): diff -r 878ddbd54f44 -r 9d8e51404745 src/lmtp/lmtp-settings.c --- a/src/lmtp/lmtp-settings.c Tue Oct 25 22:58:02 2011 +0300 +++ b/src/lmtp/lmtp-settings.c Sat Nov 05 00:00:49 2011 +0200 @@ -41,7 +41,7 @@ .process_min_avail = 0, .process_limit = 0, - .client_limit = 0, + .client_limit = 1, .service_count = 0, .idle_kill = 0, .vsz_limit = 0, From dovecot at dovecot.org Fri Nov 4 23:54:41 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 04 Nov 2011 23:54:41 +0200 Subject: dovecot-2.0: Use SSL_MODE_RELEASE_BUFFERS if available to keep m... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/a7941e178637 changeset: 12954:a7941e178637 user: Cristian Rodr?guez date: Thu Oct 13 16:19:52 2011 -0300 description: Use SSL_MODE_RELEASE_BUFFERS if available to keep memory usage low. diffstat: src/login-common/ssl-proxy-openssl.c | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diffs (13 lines): diff -r 9d8e51404745 -r a7941e178637 src/login-common/ssl-proxy-openssl.c --- a/src/login-common/ssl-proxy-openssl.c Sat Nov 05 00:00:49 2011 +0200 +++ b/src/login-common/ssl-proxy-openssl.c Thu Oct 13 16:19:52 2011 -0300 @@ -925,6 +925,9 @@ STACK_OF(X509_NAME) *xnames = NULL; SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2); +#ifdef SSL_MODE_RELEASE_BUFFERS + SSL_CTX_set_mode(ssl_ctx, SSL_MODE_RELEASE_BUFFERS); +#endif if (*set->ssl_ca != '\0') { /* set trusted CA certs */ store = SSL_CTX_get_cert_store(ssl_ctx); From dovecot at dovecot.org Fri Nov 4 23:56:53 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 04 Nov 2011 23:56:53 +0200 Subject: dovecot-2.1: Use SSL_MODE_RELEASE_BUFFERS if available to keep m... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/88d5239c0d9a changeset: 13655:88d5239c0d9a user: Timo Sirainen date: Sat Nov 05 00:07:14 2011 +0200 description: Use SSL_MODE_RELEASE_BUFFERS if available to keep memory usage low. Based on patch by Cristian Rodr?guez. diffstat: src/login-common/ssl-proxy-openssl.c | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) diffs (14 lines): diff -r b5d4b4e43840 -r 88d5239c0d9a src/login-common/ssl-proxy-openssl.c --- a/src/login-common/ssl-proxy-openssl.c Sat Nov 05 00:00:49 2011 +0200 +++ b/src/login-common/ssl-proxy-openssl.c Sat Nov 05 00:07:14 2011 +0200 @@ -931,6 +931,10 @@ /* enable all SSL workarounds */ SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL); +#ifdef SSL_MODE_RELEASE_BUFFERS + SSL_CTX_set_mode(ssl_ctx, SSL_MODE_RELEASE_BUFFERS); +#endif + if (*set->ssl_ca != '\0') { /* set trusted CA certs */ store = SSL_CTX_get_cert_store(ssl_ctx); From dovecot at dovecot.org Fri Nov 4 23:56:53 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 04 Nov 2011 23:56:53 +0200 Subject: dovecot-2.1: lmtp: Changed default client_limit to 1. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/b5d4b4e43840 changeset: 13654:b5d4b4e43840 user: Timo Sirainen date: Sat Nov 05 00:00:49 2011 +0200 description: lmtp: Changed default client_limit to 1. LMTP processes can wait a long time on disk I/O, so a single process will be busy waiting long before it reaches default_client_limit (100). diffstat: src/lmtp/lmtp-settings.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diffs (12 lines): diff -r 0103b917fa0c -r b5d4b4e43840 src/lmtp/lmtp-settings.c --- a/src/lmtp/lmtp-settings.c Fri Nov 04 21:21:11 2011 +0200 +++ b/src/lmtp/lmtp-settings.c Sat Nov 05 00:00:49 2011 +0200 @@ -41,7 +41,7 @@ .process_min_avail = 0, .process_limit = 0, - .client_limit = 0, + .client_limit = 1, .service_count = 0, .idle_kill = 0, .vsz_limit = 0, From dovecot at dovecot.org Sat Nov 5 00:08:40 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 05 Nov 2011 00:08:40 +0200 Subject: dovecot-2.0: man: Added -f option to doveadm-user.1. Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/0330312d2182 changeset: 12955:0330312d2182 user: Pascal Volk date: Fri Nov 04 21:57:05 2011 +0000 description: man: Added -f option to doveadm-user.1. diffstat: doc/man/doveadm-user.1.in | 13 ++++++++++--- 1 files changed, 10 insertions(+), 3 deletions(-) diffs (38 lines): diff -r a7941e178637 -r 0330312d2182 doc/man/doveadm-user.1.in --- a/doc/man/doveadm-user.1.in Thu Oct 13 16:19:52 2011 -0300 +++ b/doc/man/doveadm-user.1.in Fri Nov 04 21:57:05 2011 +0000 @@ -1,11 +1,12 @@ -.\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM\-USER 1 "2010-06-22" "Dovecot v2.0" "Dovecot" +.\" Copyright (c) 2010-2011 Dovecot authors, see the included COPYING file +.TH DOVEADM\-USER 1 "2011-11-04" "Dovecot v2.0" "Dovecot" .SH NAME doveadm\-user \- Perform a user lookup in Dovecot\(aqs userdbs .\"------------------------------------------------------------------------ .SH SYNOPSIS .BR doveadm " [" \-Dv "] " user [\fB\-a\fP \fIuserdb_socket_path\fP] +[\fB\-f\fP \fIfield\fP] [\fB\-x\fP \fIauth_info\fP] .IR user\ ... .\"------------------------------------------------------------------------ @@ -58,6 +59,12 @@ .IR @pkgsysconfdir@/dovecot.conf . .\"------------------------------------- .TP +.BI \-f\ field +When this option and the name of a userdb field is given, +.BR doveadm (1) +will show only the value of the specified field. +.\"------------------------------------- +.TP .BI \-x\ auth_info .I auth_info specifies additional conditions for the @@ -144,4 +151,4 @@ @INCLUDE:reporting-bugs@ .\"------------------------------------------------------------------------ .SH SEE ALSO -.BR doveadm (1) +.BR doveadm (1) \ No newline at end of file From dovecot at dovecot.org Sat Nov 5 00:08:44 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 05 Nov 2011 00:08:44 +0200 Subject: dovecot-2.1: man: Added -f option to doveadm-user.1. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/5cf885412627 changeset: 13656:5cf885412627 user: Pascal Volk date: Fri Nov 04 21:57:05 2011 +0000 description: man: Added -f option to doveadm-user.1. diffstat: doc/man/doveadm-user.1.in | 13 ++++++++++--- 1 files changed, 10 insertions(+), 3 deletions(-) diffs (38 lines): diff -r 88d5239c0d9a -r 5cf885412627 doc/man/doveadm-user.1.in --- a/doc/man/doveadm-user.1.in Sat Nov 05 00:07:14 2011 +0200 +++ b/doc/man/doveadm-user.1.in Fri Nov 04 21:57:05 2011 +0000 @@ -1,11 +1,12 @@ -.\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM\-USER 1 "2010-06-22" "Dovecot v2.0" "Dovecot" +.\" Copyright (c) 2010-2011 Dovecot authors, see the included COPYING file +.TH DOVEADM\-USER 1 "2011-11-04" "Dovecot v2.0" "Dovecot" .SH NAME doveadm\-user \- Perform a user lookup in Dovecot\(aqs userdbs .\"------------------------------------------------------------------------ .SH SYNOPSIS .BR doveadm " [" \-Dv "] " user [\fB\-a\fP \fIuserdb_socket_path\fP] +[\fB\-f\fP \fIfield\fP] [\fB\-x\fP \fIauth_info\fP] .IR user\ ... .\"------------------------------------------------------------------------ @@ -58,6 +59,12 @@ .IR @pkgsysconfdir@/dovecot.conf . .\"------------------------------------- .TP +.BI \-f\ field +When this option and the name of a userdb field is given, +.BR doveadm (1) +will show only the value of the specified field. +.\"------------------------------------- +.TP .BI \-x\ auth_info .I auth_info specifies additional conditions for the @@ -144,4 +151,4 @@ @INCLUDE:reporting-bugs@ .\"------------------------------------------------------------------------ .SH SEE ALSO -.BR doveadm (1) +.BR doveadm (1) \ No newline at end of file From dovecot at dovecot.org Sat Nov 5 17:21:28 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 05 Nov 2011 17:21:28 +0200 Subject: dovecot-2.1: fts-lucene: Index the header name tokenized, or we ... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/6e7658437688 changeset: 13658:6e7658437688 user: Timo Sirainen date: Sat Nov 05 17:30:55 2011 +0200 description: fts-lucene: Index the header name tokenized, or we can't search it. diffstat: src/plugins/fts-lucene/lucene-wrapper.cc | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diffs (12 lines): diff -r c700ff42a6cc -r 6e7658437688 src/plugins/fts-lucene/lucene-wrapper.cc --- a/src/plugins/fts-lucene/lucene-wrapper.cc Sat Nov 05 17:11:40 2011 +0200 +++ b/src/plugins/fts-lucene/lucene-wrapper.cc Sat Nov 05 17:30:55 2011 +0200 @@ -509,7 +509,7 @@ wchar_t wname[namesize]; lucene_utf8_n_to_tchar((const unsigned char *)hdr_name, strlen(hdr_name), wname, namesize); - index->doc->add(*_CLNEW Field(_T("hdr"), wname, Field::STORE_NO | Field::INDEX_UNTOKENIZED)); + index->doc->add(*_CLNEW Field(_T("hdr"), wname, Field::STORE_NO | Field::INDEX_TOKENIZED)); index->doc->add(*_CLNEW Field(_T("hdr"), dest, Field::STORE_NO | Field::INDEX_TOKENIZED)); if (fts_header_want_indexed(hdr_name)) From dovecot at dovecot.org Sat Nov 5 17:21:28 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 05 Nov 2011 17:21:28 +0200 Subject: dovecot-2.1: fts-lucene: Fixed handling "maybe" queries (unindex... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/c700ff42a6cc changeset: 13657:c700ff42a6cc user: Timo Sirainen date: Sat Nov 05 17:11:40 2011 +0200 description: fts-lucene: Fixed handling "maybe" queries (unindexed headers) diffstat: src/plugins/fts-lucene/lucene-wrapper.cc | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diffs (16 lines): diff -r 5cf885412627 -r c700ff42a6cc src/plugins/fts-lucene/lucene-wrapper.cc --- a/src/plugins/fts-lucene/lucene-wrapper.cc Fri Nov 04 21:57:05 2011 +0000 +++ b/src/plugins/fts-lucene/lucene-wrapper.cc Sat Nov 05 17:11:40 2011 +0200 @@ -1193,11 +1193,11 @@ result->scores_sorted = false; last_uid = uid; - seq_range_array_add(uids_r, 0, uid); score = array_append_space(&result->scores); score->uid = uid; score->score = hits->score(i); } + seq_range_array_add(uids_r, 0, uid); } _CLDELETE(hits); return ret; From dovecot at dovecot.org Sat Nov 5 17:21:28 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 05 Nov 2011 17:21:28 +0200 Subject: dovecot-2.1: fts-lucene: Optimize searching for existence of an ... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/efe369e2885d changeset: 13659:efe369e2885d user: Timo Sirainen date: Sat Nov 05 17:31:47 2011 +0200 description: fts-lucene: Optimize searching for existence of an indexed header. diffstat: src/plugins/fts-lucene/lucene-wrapper.cc | 24 +++++++++++------------- 1 files changed, 11 insertions(+), 13 deletions(-) diffs (54 lines): diff -r 6e7658437688 -r efe369e2885d src/plugins/fts-lucene/lucene-wrapper.cc --- a/src/plugins/fts-lucene/lucene-wrapper.cc Sat Nov 05 17:30:55 2011 +0200 +++ b/src/plugins/fts-lucene/lucene-wrapper.cc Sat Nov 05 17:31:47 2011 +0200 @@ -1082,12 +1082,9 @@ case SEARCH_HEADER: case SEARCH_HEADER_ADDRESS: case SEARCH_HEADER_COMPRESS_LWSP: - if (!fts_header_want_indexed(arg->hdr_field_name)) + if (!fts_header_want_indexed(arg->hdr_field_name) || + *arg->value.str == '\0') return false; - if (*arg->value.str == '\0') { - /* FIXME: handle existence of a search key */ - return false; - } q = lucene_get_query(index, t_lucene_utf8_to_tchar(index, arg->hdr_field_name, FALSE), @@ -1115,7 +1112,7 @@ lucene_add_maybe_query(struct lucene_index *index, BooleanQuery &query, struct mail_search_arg *arg, bool and_args) { - Query *q; + Query *q = NULL; if (arg->match_not && !and_args) { /* FIXME: we could handle this by doing multiple queries.. */ @@ -1126,18 +1123,19 @@ case SEARCH_HEADER: case SEARCH_HEADER_ADDRESS: case SEARCH_HEADER_COMPRESS_LWSP: + if (*arg->value.str == '\0') { + /* checking potential existence of the header name */ + q = lucene_get_query_str(index, _T("hdr"), + arg->hdr_field_name, FALSE); + break; + } + if (fts_header_want_indexed(arg->hdr_field_name)) return false; /* we can check if the search key exists in some header and filter out the messages that have no chance of matching */ - if (*arg->value.str != '\0') - q = lucene_get_query(index, _T("hdr"), arg); - else { - /* checking potential existence of the header name */ - q = lucene_get_query_str(index, _T("hdr"), - arg->hdr_field_name, FALSE); - } + q = lucene_get_query(index, _T("hdr"), arg); break; default: return false; From dovecot at dovecot.org Sat Nov 5 17:48:50 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 05 Nov 2011 17:48:50 +0200 Subject: dovecot-2.1: fts: Added FTS_BACKEND_FLAG_BUILD_FULL_WORDS for se... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/f4a95383ea8a changeset: 13660:f4a95383ea8a user: Timo Sirainen date: Sat Nov 05 17:58:50 2011 +0200 description: fts: Added FTS_BACKEND_FLAG_BUILD_FULL_WORDS for sending data to backends only in full words. diffstat: src/plugins/fts/fts-api-private.h | 4 +- src/plugins/fts/fts-build-mail.c | 82 +++++++++++++++++++++++++++++++++++--- 2 files changed, 78 insertions(+), 8 deletions(-) diffs (153 lines): diff -r efe369e2885d -r f4a95383ea8a src/plugins/fts/fts-api-private.h --- a/src/plugins/fts/fts-api-private.h Sat Nov 05 17:31:47 2011 +0200 +++ b/src/plugins/fts/fts-api-private.h Sat Nov 05 17:58:50 2011 +0200 @@ -55,7 +55,9 @@ FTS_BACKEND_FLAG_BINARY_MIME_PARTS = 0x01, /* Send built text to backend as decomposed titlecase rather than preserving original case */ - FTS_BACKEND_FLAG_BUILD_DTCASE = 0x02 + FTS_BACKEND_FLAG_BUILD_DTCASE = 0x02, + /* Send only fully indexable words rather than randomly sized blocks */ + FTS_BACKEND_FLAG_BUILD_FULL_WORDS = 0x04 }; struct fts_backend { diff -r efe369e2885d -r f4a95383ea8a src/plugins/fts/fts-build-mail.c --- a/src/plugins/fts/fts-build-mail.c Sat Nov 05 17:31:47 2011 +0200 +++ b/src/plugins/fts/fts-build-mail.c Sat Nov 05 17:58:50 2011 +0200 @@ -2,6 +2,7 @@ #include "lib.h" #include "istream.h" +#include "buffer.h" #include "str.h" #include "rfc822-parser.h" #include "message-address.h" @@ -12,12 +13,21 @@ #include "fts-api-private.h" #include "fts-build-mail.h" +/* there are other characters as well, but this doesn't have to be exact */ +#define IS_WORD_WHITESPACE(c) \ + ((c) == ' ' || (c) == '\t' || (c) == '\n') +/* if we see a word larger than this, just go ahead and split it from + wherever */ +#define MAX_WORD_SIZE 1024 + struct fts_mail_build_context { struct mail *mail; struct fts_backend_update_context *update_ctx; char *content_type, *content_disposition; struct fts_parser *body_parser; + + buffer_t *word_buf; }; static void fts_build_parse_content_type(struct fts_mail_build_context *ctx, @@ -175,6 +185,65 @@ return fts_backend_update_set_build_key(ctx->update_ctx, &key); } +static int fts_build_body_block(struct fts_mail_build_context *ctx, + struct message_block *block, bool last) +{ + unsigned int i; + + i_assert(block->hdr == NULL); + + if ((ctx->update_ctx->backend->flags & + FTS_BACKEND_FLAG_BUILD_FULL_WORDS) == 0) { + return fts_backend_update_build_more(ctx->update_ctx, + block->data, block->size); + } + /* we'll need to send only full words to the backend */ + + if (ctx->word_buf != NULL && ctx->word_buf->used > 0) { + /* continuing previous word */ + for (i = 0; i < block->size; i++) { + if (IS_WORD_WHITESPACE(block->data[i])) + break; + } + buffer_append(ctx->word_buf, block->data, i); + block->data += i; + block->size -= i; + if (block->size == 0 && ctx->word_buf->used < MAX_WORD_SIZE && + !last) { + /* word is still not finished */ + return 0; + } + /* we have a full word, index it */ + if (fts_backend_update_build_more(ctx->update_ctx, + ctx->word_buf->data, + ctx->word_buf->used) < 0) + return -1; + buffer_set_used_size(ctx->word_buf, 0); + } + + /* find the boundary for last word */ + if (last) + i = block->size; + else { + for (i = block->size; i > 0; i--) { + if (IS_WORD_WHITESPACE(block->data[i-1])) + break; + } + } + + if (fts_backend_update_build_more(ctx->update_ctx, block->data, i) < 0) + return -1; + + if (i < block->size) { + if (ctx->word_buf == NULL) { + ctx->word_buf = + buffer_create_dynamic(default_pool, 128); + } + buffer_append(ctx->word_buf, block->data + i, block->size - i); + } + return 0; +} + static int fts_body_parser_finish(struct fts_mail_build_context *ctx) { struct message_block block; @@ -183,9 +252,7 @@ do { memset(&block, 0, sizeof(block)); fts_parser_more(ctx->body_parser, &block); - if (fts_backend_update_build_more(ctx->update_ctx, - block.data, - block.size) < 0) { + if (fts_build_body_block(ctx, &block, FALSE) < 0) { ret = -1; break; } @@ -282,9 +349,7 @@ i_assert(body_part); if (ctx.body_parser != NULL) fts_parser_more(ctx.body_parser, &block); - if (fts_backend_update_build_more(update_ctx, - block.data, - block.size) < 0) { + if (fts_build_body_block(&ctx, &block, FALSE) < 0) { ret = -1; break; } @@ -295,13 +360,16 @@ ret = fts_body_parser_finish(&ctx); if (ret == 0 && body_part && !skip_body && !body_added) { /* make sure body is added even when it doesn't exist */ - ret = fts_backend_update_build_more(update_ctx, NULL, 0); + block.data = NULL; block.size = 0; + ret = fts_build_body_block(&ctx, &block, TRUE); } if (message_parser_deinit(&parser, &parts) < 0) mail_set_cache_corrupted(mail, MAIL_FETCH_MESSAGE_PARTS); message_decoder_deinit(&decoder); i_free(ctx.content_type); i_free(ctx.content_disposition); + if (ctx.word_buf != NULL) + buffer_free(&ctx.word_buf); return ret < 0 ? -1 : 1; } From dovecot at dovecot.org Sat Nov 5 17:48:51 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 05 Nov 2011 17:48:51 +0200 Subject: dovecot-2.1: fts-lucene: Use FTS_BACKEND_FLAG_BUILD_FULL_WORDS f... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/21145b853d64 changeset: 13661:21145b853d64 user: Timo Sirainen date: Sat Nov 05 17:59:11 2011 +0200 description: fts-lucene: Use FTS_BACKEND_FLAG_BUILD_FULL_WORDS flag. diffstat: src/plugins/fts-lucene/fts-backend-lucene.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diffs (12 lines): diff -r f4a95383ea8a -r 21145b853d64 src/plugins/fts-lucene/fts-backend-lucene.c --- a/src/plugins/fts-lucene/fts-backend-lucene.c Sat Nov 05 17:58:50 2011 +0200 +++ b/src/plugins/fts-lucene/fts-backend-lucene.c Sat Nov 05 17:59:11 2011 +0200 @@ -545,7 +545,7 @@ struct fts_backend fts_backend_lucene = { .name = "lucene", - .flags = 0, + .flags = FTS_BACKEND_FLAG_BUILD_FULL_WORDS, { fts_backend_lucene_alloc, From dovecot at dovecot.org Sat Nov 5 19:07:39 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 05 Nov 2011 19:07:39 +0200 Subject: dovecot-2.1: master: Wait for services to stop listening before ... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/6894298ae5fd changeset: 13662:6894298ae5fd user: Timo Sirainen date: Sat Nov 05 19:17:59 2011 +0200 description: master: Wait for services to stop listening before unlinking the pid file. diffstat: src/master/main.c | 19 ++++++++++++++++--- src/master/service-monitor.c | 41 +++++++++++++++++++++++++++++++++++++---- src/master/service-monitor.h | 2 +- src/master/service.c | 7 ++++--- src/master/service.h | 3 ++- 5 files changed, 60 insertions(+), 12 deletions(-) diffs (188 lines): diff -r 21145b853d64 -r 6894298ae5fd src/master/main.c --- a/src/master/main.c Sat Nov 05 17:59:11 2011 +0200 +++ b/src/master/main.c Sat Nov 05 19:17:59 2011 +0200 @@ -330,7 +330,7 @@ services->config->config_file_path); /* switch to new configuration. */ - services_monitor_stop(services); + services_monitor_stop(services, FALSE); if (services_listen_using(new_services, services) < 0) { services_monitor_start(services); return; @@ -342,7 +342,7 @@ while (service->processes != NULL) service_process_destroy(service->processes); } - services_destroy(services); + services_destroy(services, FALSE); services = new_services; services_monitor_start(services); @@ -455,13 +455,26 @@ services_monitor_start(services); } +static void global_dead_pipe_close(void) +{ + if (close(global_master_dead_pipe_fd[0]) < 0) + i_error("close(global dead pipe) failed: %m"); + if (close(global_master_dead_pipe_fd[1]) < 0) + i_error("close(global dead pipe) failed: %m"); + global_master_dead_pipe_fd[0] = -1; + global_master_dead_pipe_fd[1] = -1; +} + static void main_deinit(void) { + /* kill services and wait for them to die before unlinking pid file */ + global_dead_pipe_close(); + services_destroy(services, TRUE); + if (unlink(pidfile_path) < 0) i_error("unlink(%s) failed: %m", pidfile_path); i_free(pidfile_path); - services_destroy(services); service_anvil_global_deinit(); service_pids_deinit(); } diff -r 21145b853d64 -r 6894298ae5fd src/master/service-monitor.c --- a/src/master/service-monitor.c Sat Nov 05 17:59:11 2011 +0200 +++ b/src/master/service-monitor.c Sat Nov 05 19:17:59 2011 +0200 @@ -23,6 +23,7 @@ #define SERVICE_STARTUP_FAILURE_THROTTLE_SECS 60 #define SERVICE_DROP_WARN_INTERVAL_SECS 60 #define SERVICE_DROP_TIMEOUT_MSECS (10*1000) +#define MAX_DIE_WAIT_SECS 5 static void service_monitor_start_extra_avail(struct service *service); static void service_status_more(struct service_process *process, @@ -171,8 +172,10 @@ if (ret <= 0) { if (ret == 0) service_error(service, "read(status) failed: EOF"); + else if (errno != EAGAIN) + service_error(service, "read(status) failed: %m"); else - service_error(service, "read(status) failed: %m"); + return; service_monitor_stop(service); return; } @@ -467,7 +470,28 @@ timeout_remove(&service->to_throttle); } -void services_monitor_stop(struct service_list *service_list) +static void services_monitor_wait(struct service_list *service_list) +{ + struct service *const *servicep; + time_t max_wait_time = time(NULL) + MAX_DIE_WAIT_SECS; + bool finished; + + for (;;) { + finished = TRUE; + services_monitor_reap_children(); + array_foreach(&service_list->services, servicep) { + if ((*servicep)->status_fd[0] != -1) + service_status_input(*servicep); + if ((*servicep)->process_avail > 0) + finished = FALSE; + } + if (finished || time(NULL) > max_wait_time) + break; + usleep(100000); + } +} + +void services_monitor_stop(struct service_list *service_list, bool wait) { struct service *const *services; @@ -480,6 +504,13 @@ service_list->master_dead_pipe_fd[1] = -1; } + if (wait) { + /* we've notified all children that the master is dead. + now wait for the children to either die or to tell that + they're no longer listening for new connections */ + services_monitor_wait(service_list); + } + array_foreach(&service_list->services, services) service_monitor_stop(*services); @@ -516,7 +547,8 @@ service = process->service; if (status == 0) { /* success */ - if (service->listen_pending) + if (service->listen_pending && + !service->list->destroying) service_monitor_listen_start(service); throttle = FALSE; } else { @@ -535,7 +567,8 @@ service_monitor_throttle(service); service_stopped = service->status_fd[0] == -1; if (!service_stopped) { - service_monitor_start_extra_avail(service); + if (!service->list->destroying) + service_monitor_start_extra_avail(service); if (service->to_throttle == NULL) service_monitor_listen_start(service); } diff -r 21145b853d64 -r 6894298ae5fd src/master/service-monitor.h --- a/src/master/service-monitor.h Sat Nov 05 17:59:11 2011 +0200 +++ b/src/master/service-monitor.h Sat Nov 05 19:17:59 2011 +0200 @@ -5,7 +5,7 @@ void services_monitor_start(struct service_list *service_list); /* Stop services. */ -void services_monitor_stop(struct service_list *service_list); +void services_monitor_stop(struct service_list *service_list, bool wait); /* Call after SIGCHLD has been detected */ void services_monitor_reap_children(void); diff -r 21145b853d64 -r 6894298ae5fd src/master/service.c --- a/src/master/service.c Sat Nov 05 17:59:11 2011 +0200 +++ b/src/master/service.c Sat Nov 05 19:17:59 2011 +0200 @@ -615,12 +615,13 @@ } } -void services_destroy(struct service_list *service_list) +void services_destroy(struct service_list *service_list, bool wait) { /* make sure we log if child processes died unexpectedly */ - services_monitor_reap_children(); + service_list->destroying = TRUE; + services_monitor_reap_children(); - services_monitor_stop(service_list); + services_monitor_stop(service_list, wait); if (service_list->refcount > 1 && service_list->service_set->shutdown_clients) { diff -r 21145b853d64 -r 6894298ae5fd src/master/service.h --- a/src/master/service.h Sat Nov 05 17:59:11 2011 +0200 +++ b/src/master/service.h Sat Nov 05 19:17:59 2011 +0200 @@ -126,6 +126,7 @@ ARRAY_DEFINE(services, struct service *); + unsigned int destroying:1; unsigned int destroyed:1; unsigned int sigterm_sent:1; unsigned int sigterm_sent_to_log:1; @@ -138,7 +139,7 @@ struct service_list **services_r, const char **error_r); /* Destroy services */ -void services_destroy(struct service_list *service_list); +void services_destroy(struct service_list *service_list, bool wait); void service_list_ref(struct service_list *service_list); void service_list_unref(struct service_list *service_list); From dovecot at dovecot.org Sat Nov 5 19:27:03 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 05 Nov 2011 19:27:03 +0200 Subject: dovecot-2.1: quota: Ignore quota limits for admin users. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/131e44d50d35 changeset: 13663:131e44d50d35 user: Timo Sirainen date: Sat Nov 05 19:37:02 2011 +0200 description: quota: Ignore quota limits for admin users. diffstat: src/plugins/quota/quota.c | 5 +++++ 1 files changed, 5 insertions(+), 0 deletions(-) diffs (15 lines): diff -r 6894298ae5fd -r 131e44d50d35 src/plugins/quota/quota.c --- a/src/plugins/quota/quota.c Sat Nov 05 19:17:59 2011 +0200 +++ b/src/plugins/quota/quota.c Sat Nov 05 19:37:02 2011 +0200 @@ -927,6 +927,11 @@ ctx->box = box; ctx->bytes_ceil = (uint64_t)-1; ctx->count_ceil = (uint64_t)-1; + + if (box->storage->user->admin) { + /* ignore quota for admins */ + ctx->limits_set = TRUE; + } return ctx; } From dovecot at dovecot.org Sat Nov 5 19:27:03 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 05 Nov 2011 19:27:03 +0200 Subject: dovecot-2.1: dsync: Set user to be admin to ignore quota limits. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/3248730d84ae changeset: 13664:3248730d84ae user: Timo Sirainen date: Sat Nov 05 19:37:23 2011 +0200 description: dsync: Set user to be admin to ignore quota limits. diffstat: src/dsync/dsync.c | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diffs (19 lines): diff -r 131e44d50d35 -r 3248730d84ae src/dsync/dsync.c --- a/src/dsync/dsync.c Sat Nov 05 19:37:02 2011 +0200 +++ b/src/dsync/dsync.c Sat Nov 05 19:37:23 2011 +0200 @@ -259,6 +259,7 @@ if (mail_storage_service_next(storage_service, service_user, &mail_user) < 0) i_fatal("User init failed"); + mail_user->admin = TRUE; /* create the first local worker */ worker1 = dsync_worker_init_local(mail_user, alt_char); @@ -275,6 +276,7 @@ if (mail_storage_service_next(storage_service, service_user, &mail_user2) < 0) i_fatal("User init failed"); + mail_user2->admin = TRUE; if (mail_namespaces_get_root_sep(mail_user->namespaces) != mail_namespaces_get_root_sep(mail_user2->namespaces)) { From dovecot at dovecot.org Sat Nov 5 19:27:44 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 05 Nov 2011 19:27:44 +0200 Subject: dovecot-2.0: dsync: Set user to be admin to ignore quota limits. Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/0cf3215cdf2d changeset: 12957:0cf3215cdf2d user: Timo Sirainen date: Sat Nov 05 19:37:23 2011 +0200 description: dsync: Set user to be admin to ignore quota limits. diffstat: src/dsync/dsync.c | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diffs (19 lines): diff -r 00157fd523ea -r 0cf3215cdf2d src/dsync/dsync.c --- a/src/dsync/dsync.c Sat Nov 05 19:37:02 2011 +0200 +++ b/src/dsync/dsync.c Sat Nov 05 19:37:23 2011 +0200 @@ -259,6 +259,7 @@ if (mail_storage_service_next(storage_service, service_user, &mail_user) < 0) i_fatal("User init failed"); + mail_user->admin = TRUE; /* create the first local worker */ worker1 = dsync_worker_init_local(mail_user, alt_char); @@ -275,6 +276,7 @@ if (mail_storage_service_next(storage_service, service_user, &mail_user2) < 0) i_fatal("User init failed"); + mail_user2->admin = TRUE; if (mail_namespaces_get_root_sep(mail_user->namespaces) != mail_namespaces_get_root_sep(mail_user2->namespaces)) { From dovecot at dovecot.org Sat Nov 5 19:27:44 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 05 Nov 2011 19:27:44 +0200 Subject: dovecot-2.0: quota: Ignore quota limits for admin users. Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/00157fd523ea changeset: 12956:00157fd523ea user: Timo Sirainen date: Sat Nov 05 19:37:02 2011 +0200 description: quota: Ignore quota limits for admin users. diffstat: src/plugins/quota/quota.c | 5 +++++ 1 files changed, 5 insertions(+), 0 deletions(-) diffs (15 lines): diff -r 0330312d2182 -r 00157fd523ea src/plugins/quota/quota.c --- a/src/plugins/quota/quota.c Fri Nov 04 21:57:05 2011 +0000 +++ b/src/plugins/quota/quota.c Sat Nov 05 19:37:02 2011 +0200 @@ -926,6 +926,11 @@ ctx->box = box; ctx->bytes_ceil = (uint64_t)-1; ctx->count_ceil = (uint64_t)-1; + + if (box->storage->user->admin) { + /* ignore quota for admins */ + ctx->limits_set = TRUE; + } return ctx; } From dovecot at dovecot.org Sat Nov 5 19:49:38 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 05 Nov 2011 19:49:38 +0200 Subject: dovecot-2.1: doveadm import: Added -s parameter to subscribe to ... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/afec4ceda8e1 changeset: 13665:afec4ceda8e1 user: Timo Sirainen date: Sat Nov 05 19:59:55 2011 +0200 description: doveadm import: Added -s parameter to subscribe to created mailboxes. diffstat: src/doveadm/doveadm-mail-import.c | 25 ++++++++++++++++++++++++- 1 files changed, 24 insertions(+), 1 deletions(-) diffs (59 lines): diff -r 3248730d84ae -r afec4ceda8e1 src/doveadm/doveadm-mail-import.c --- a/src/doveadm/doveadm-mail-import.c Sat Nov 05 19:37:23 2011 +0200 +++ b/src/doveadm/doveadm-mail-import.c Sat Nov 05 19:59:55 2011 +0200 @@ -14,6 +14,7 @@ struct mail_user *src_user; const char *dest_parent; + bool subscribe; }; static int @@ -53,6 +54,12 @@ return -1; } } + if (ctx->subscribe) { + if (mailbox_set_subscribed(box, TRUE) < 0) { + i_error("Couldn't subscribe to mailbox %s: %s", + name, mailbox_get_last_error(box, NULL)); + } + } if (mailbox_sync(box, MAILBOX_SYNC_FLAG_FULL_READ) < 0) { i_error("Syncing mailbox %s failed: %s", name, mailbox_get_last_error(box, NULL)); @@ -183,11 +190,27 @@ mail_user_unref(&ctx->src_user); } +static bool cmd_import_parse_arg(struct doveadm_mail_cmd_context *_ctx, int c) +{ + struct import_cmd_context *ctx = (struct import_cmd_context *)_ctx; + + switch (c) { + case 's': + ctx->subscribe = TRUE; + break; + default: + return FALSE; + } + return TRUE; +} + static struct doveadm_mail_cmd_context *cmd_import_alloc(void) { struct import_cmd_context *ctx; ctx = doveadm_mail_cmd_alloc(struct import_cmd_context); + ctx->ctx.getopt_args = "s"; + ctx->ctx.v.parse_arg = cmd_import_parse_arg; ctx->ctx.v.init = cmd_import_init; ctx->ctx.v.deinit = cmd_import_deinit; ctx->ctx.v.run = cmd_import_run; @@ -196,5 +219,5 @@ struct doveadm_mail_cmd cmd_import = { cmd_import_alloc, "import", - " " + "[-s] " }; From dovecot at dovecot.org Sat Nov 5 20:25:35 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 05 Nov 2011 20:25:35 +0200 Subject: dovecot-2.1: configure: Use libtool's -no-undefined flag instead... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/3ecd119bd63b changeset: 13666:3ecd119bd63b user: Timo Sirainen date: Sat Nov 05 20:35:56 2011 +0200 description: configure: Use libtool's -no-undefined flag instead of attempting it ourself. Patch by Brad. diffstat: configure.in | 15 ++++----------- 1 files changed, 4 insertions(+), 11 deletions(-) diffs (27 lines): diff -r afec4ceda8e1 -r 3ecd119bd63b configure.in --- a/configure.in Sat Nov 05 19:59:55 2011 +0200 +++ b/configure.in Sat Nov 05 20:35:56 2011 +0200 @@ -2673,19 +2673,12 @@ AC_DEFINE_UNQUOTED(CAPABILITY_BANNER_STRING, "$capability_banner", IMAP capabilities advertised in banner) CFLAGS="$CFLAGS $EXTRA_CFLAGS" +NOPLUGIN_LDFLAGS="-no-undefined" if test "$with_gnu_ld" = yes; then - NOPLUGIN_LDFLAGS="-Wl,--as-needed" - case "$host_os" in - linux*) - # This appears to work in Linux, but not in BSDs.. - NOPLUGIN_LDFLAGS="$NOPLUGIN_LDFLAGS -Wl,--no-undefined" - ;; - *) - ;; - esac - LDFLAGS="\$(NOPLUGIN_LDFLAGS) $LDFLAGS" - AC_SUBST(NOPLUGIN_LDFLAGS) + NOPLUGIN_LDFLAGS="$NOPLUGIN_LDFLAGS -Wl,--as-needed" fi +LDFLAGS="\$(NOPLUGIN_LDFLAGS) $LDFLAGS" +AC_SUBST(NOPLUGIN_LDFLAGS) if test "$docdir" = ""; then dnl docdir supported only by autoconf v2.59c and later From dovecot at dovecot.org Mon Nov 7 20:35:42 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Mon, 07 Nov 2011 20:35:42 +0200 Subject: dovecot-2.1: master: Fixed giving config socket path to anvil pr... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/9da49294f49d changeset: 13667:9da49294f49d user: Timo Sirainen date: Mon Nov 07 20:45:55 2011 +0200 description: master: Fixed giving config socket path to anvil process. diffstat: src/master/service-process.c | 19 +++++++++++-------- 1 files changed, 11 insertions(+), 8 deletions(-) diffs (49 lines): diff -r 3ecd119bd63b -r 9da49294f49d src/master/service-process.c --- a/src/master/service-process.c Sat Nov 05 20:35:56 2011 +0200 +++ b/src/master/service-process.c Mon Nov 07 20:45:55 2011 +0200 @@ -180,18 +180,11 @@ } } -static void -service_process_setup_environment(struct service *service, unsigned int uid) +static void service_rpocess_setup_config_environment(struct service *service) { const struct master_service_settings *set = service->list->service_set; - master_service_env_clean(); - switch (service->type) { - case SERVICE_TYPE_ANVIL: - if (service_anvil_global->restarted) - env_put("ANVIL_RESTARTED=1"); - break; case SERVICE_TYPE_CONFIG: env_put(t_strconcat(MASTER_CONFIG_FILE_ENV"=", service->config_file_path, NULL)); @@ -211,8 +204,15 @@ services_get_config_socket_path(service->list), NULL)); break; } +} + +static void +service_process_setup_environment(struct service *service, unsigned int uid) +{ + master_service_env_clean(); env_put(MASTER_IS_PARENT_ENV"=1"); + service_rpocess_setup_config_environment(service); env_put(t_strdup_printf(MASTER_CLIENT_LIMIT_ENV"=%u", service->client_limit)); env_put(t_strdup_printf(MASTER_PROCESS_LIMIT_ENV"=%u", @@ -232,6 +232,9 @@ env_put(t_strconcat(MASTER_SSL_KEY_PASSWORD_ENV"=", ssl_manual_key_password, NULL)); } + if (service->type == SERVICE_TYPE_ANVIL && + service_anvil_global->restarted) + env_put("ANVIL_RESTARTED=1"); } static void service_process_status_timeout(struct service_process *process) From dovecot at dovecot.org Mon Nov 7 22:06:53 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Mon, 07 Nov 2011 22:06:53 +0200 Subject: dovecot-2.1: indexer-worker: If indexes are disabled for a mailb... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/d0a071b6847c changeset: 13668:d0a071b6847c user: Timo Sirainen date: Mon Nov 07 22:17:15 2011 +0200 description: indexer-worker: If indexes are disabled for a mailbox, do nothing but log a message. diffstat: src/indexer/master-connection.c | 9 ++++++++- 1 files changed, 8 insertions(+), 1 deletions(-) diffs (26 lines): diff -r 9da49294f49d -r d0a071b6847c src/indexer/master-connection.c --- a/src/indexer/master-connection.c Mon Nov 07 20:45:55 2011 +0200 +++ b/src/indexer/master-connection.c Mon Nov 07 22:17:15 2011 +0200 @@ -118,7 +118,7 @@ struct mail_namespace *ns; struct mailbox *box; struct mailbox_status status; - const char *errstr; + const char *path, *errstr; enum mail_error error; enum mailbox_sync_flags sync_flags = MAILBOX_SYNC_FLAG_FULL_READ; int ret = 0; @@ -129,6 +129,13 @@ return -1; } + path = mailbox_list_get_path(ns->list, mailbox, + MAILBOX_LIST_PATH_TYPE_INDEX); + if (*path == '\0') { + i_info("Indexes disabled for Mailbox %s, skipping", mailbox); + return 0; + } + box = mailbox_alloc(ns->list, mailbox, 0); if (max_recent_msgs != 0) { /* index only if there aren't too many recent messages. From dovecot at dovecot.org Mon Nov 7 22:44:18 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Mon, 07 Nov 2011 22:44:18 +0200 Subject: dovecot-2.1: auth: When complaining about auth-userdb permission... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/08afc14abc21 changeset: 13669:08afc14abc21 user: Timo Sirainen date: Mon Nov 07 22:54:32 2011 +0200 description: auth: When complaining about auth-userdb permission errors, log also the wanted UID's name. diffstat: src/auth/auth-master-connection.c | 13 +++++++++++-- 1 files changed, 11 insertions(+), 2 deletions(-) diffs (31 lines): diff -r d0a071b6847c -r 08afc14abc21 src/auth/auth-master-connection.c --- a/src/auth/auth-master-connection.c Mon Nov 07 22:17:15 2011 +0200 +++ b/src/auth/auth-master-connection.c Mon Nov 07 22:54:32 2011 +0200 @@ -12,6 +12,7 @@ #include "network.h" #include "istream.h" #include "ostream.h" +#include "ipwd.h" #include "master-service.h" #include "userdb.h" #include "userdb-blocking.h" @@ -331,9 +332,17 @@ static const char *auth_restricted_reason(struct auth_master_connection *conn) { - return t_strdup_printf("%s mode=0666, but not owned by UID %lu", + struct passwd pw; + const char *namestr; + + if (i_getpwuid(conn->userdb_restricted_uid, &pw) <= 0) + namestr = ""; + else + namestr = t_strdup_printf("(%s)", pw.pw_name); + return t_strdup_printf("%s mode=0666, but not owned by UID %lu%s", conn->path, - (unsigned long)conn->userdb_restricted_uid); + (unsigned long)conn->userdb_restricted_uid, + namestr); } static bool From dovecot at dovecot.org Tue Nov 8 21:04:04 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 08 Nov 2011 21:04:04 +0200 Subject: dovecot-2.1: login proxy: Always log the username in the error m... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/d9b89af302e7 changeset: 13670:d9b89af302e7 user: Timo Sirainen date: Tue Nov 08 21:14:32 2011 +0200 description: login proxy: Always log the username in the error messages. diffstat: src/login-common/login-proxy.c | 6 ++++-- 1 files changed, 4 insertions(+), 2 deletions(-) diffs (23 lines): diff -r 08afc14abc21 -r d9b89af302e7 src/login-common/login-proxy.c --- a/src/login-common/login-proxy.c Mon Nov 07 22:54:32 2011 +0200 +++ b/src/login-common/login-proxy.c Tue Nov 08 21:14:32 2011 +0200 @@ -199,7 +199,8 @@ err = net_geterror(proxy->server_fd); if (err != 0) { - i_error("proxy: connect(%s, %u) failed: %s", + i_error("proxy(%s): connect(%s, %u) failed: %s", + proxy->client->virtual_user, proxy->host, proxy->port, strerror(err)); proxy_fail_connect(proxy); login_proxy_free(&proxy); @@ -226,7 +227,8 @@ static void proxy_connect_timeout(struct login_proxy *proxy) { - i_error("proxy: connect(%s, %u) timed out", proxy->host, proxy->port); + i_error("proxy(%s): connect(%s, %u) timed out", + proxy->client->virtual_user, proxy->host, proxy->port); proxy_fail_connect(proxy); login_proxy_free(&proxy); } From dovecot at dovecot.org Tue Nov 8 21:19:10 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 08 Nov 2011 21:19:10 +0200 Subject: dovecot-2.1: login: If login fails for some reason, but auth was... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/d03524bfcf16 changeset: 13671:d03524bfcf16 user: Timo Sirainen date: Tue Nov 08 21:29:34 2011 +0200 description: login: If login fails for some reason, but auth was successful, don't log "auth failed". For example if proxy fails to connect to remote server. diffstat: src/login-common/client-common.c | 4 ++++ src/login-common/client-common.h | 2 +- src/login-common/sasl-server.c | 1 + 3 files changed, 6 insertions(+), 1 deletions(-) diffs (37 lines): diff -r d9b89af302e7 -r d03524bfcf16 src/login-common/client-common.c --- a/src/login-common/client-common.c Tue Nov 08 21:14:32 2011 +0200 +++ b/src/login-common/client-common.c Tue Nov 08 21:29:34 2011 +0200 @@ -528,6 +528,10 @@ if (client->auth_try_aborted && client->auth_attempts == 1) return "(aborted authentication)"; + if (client->auth_successes > 0) { + return t_strdup_printf("(internal failure, %u succesful auths)", + client->auth_successes); + } return t_strdup_printf("(auth failed, %u attempts)", client->auth_attempts); } diff -r d9b89af302e7 -r d03524bfcf16 src/login-common/client-common.h --- a/src/login-common/client-common.h Tue Nov 08 21:14:32 2011 +0200 +++ b/src/login-common/client-common.h Tue Nov 08 21:29:34 2011 +0200 @@ -106,7 +106,7 @@ sasl_server_callback_t *sasl_callback; unsigned int bad_counter; - unsigned int auth_attempts; + unsigned int auth_attempts, auth_successes; pid_t mail_pid; char *virtual_user; diff -r d9b89af302e7 -r d03524bfcf16 src/login-common/sasl-server.c --- a/src/login-common/sasl-server.c Tue Nov 08 21:14:32 2011 +0200 +++ b/src/login-common/sasl-server.c Tue Nov 08 21:29:34 2011 +0200 @@ -221,6 +221,7 @@ break; case AUTH_REQUEST_STATUS_OK: client->auth_request = NULL; + client->auth_successes++; nologin = FALSE; for (i = 0; args[i] != NULL; i++) { From dovecot at dovecot.org Tue Nov 8 21:40:36 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 08 Nov 2011 21:40:36 +0200 Subject: dovecot-2.1: master: Never create new processes for services tha... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/96e469ea4fc8 changeset: 13672:96e469ea4fc8 user: Timo Sirainen date: Tue Nov 08 21:50:46 2011 +0200 description: master: Never create new processes for services that are being destroyed (reload, deinit) diffstat: src/master/service-process.c | 5 +++++ 1 files changed, 5 insertions(+), 0 deletions(-) diffs (15 lines): diff -r d03524bfcf16 -r 96e469ea4fc8 src/master/service-process.c --- a/src/master/service-process.c Tue Nov 08 21:29:34 2011 +0200 +++ b/src/master/service-process.c Tue Nov 08 21:50:46 2011 +0200 @@ -264,6 +264,11 @@ /* throttling service, don't create new processes */ return NULL; } + if (service->list->destroying) { + /* these services are being destroyed, no point in creating + new processes now */ + return NULL; + } if (service->type == SERVICE_TYPE_ANVIL && service_anvil_global->pid != 0) { From dovecot at dovecot.org Tue Nov 8 22:28:14 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 08 Nov 2011 22:28:14 +0200 Subject: dovecot-2.1: maildir: Log less lines when removing broken sizes ... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/762b31157c42 changeset: 13673:762b31157c42 user: Timo Sirainen date: Tue Nov 08 22:38:36 2011 +0200 description: maildir: Log less lines when removing broken sizes from filenames. diffstat: src/lib-storage/index/maildir/maildir-mail.c | 33 ++++++++++++++++----------- 1 files changed, 19 insertions(+), 14 deletions(-) diffs (57 lines): diff -r 96e469ea4fc8 -r 762b31157c42 src/lib-storage/index/maildir/maildir-mail.c --- a/src/lib-storage/index/maildir/maildir-mail.c Tue Nov 08 21:50:46 2011 +0200 +++ b/src/lib-storage/index/maildir/maildir-mail.c Tue Nov 08 22:38:36 2011 +0200 @@ -620,6 +620,7 @@ enum maildir_uidlist_rec_flag flags; const char *subdir, *fname, *path, *newpath, *p; uoff_t size; + char wrong_key; if (maildir_sync_lookup(mbox, mail->uid, &flags, &fname) <= 0) return; @@ -633,27 +634,31 @@ path = t_strdup_printf("%s/%s/%s", mailbox_get_path(&mbox->box), subdir, fname); - if (maildir_filename_get_size(fname, MAILDIR_EXTRA_VIRTUAL_SIZE, - &size) && - field == MAIL_FETCH_VIRTUAL_SIZE) { - mail_storage_set_critical(mail->box->storage, - "Maildir filename has wrong W value: %s", path); - } - if (maildir_filename_get_size(fname, MAILDIR_EXTRA_FILE_SIZE, - &size) && - field == MAIL_FETCH_PHYSICAL_SIZE) { - mail_storage_set_critical(mail->box->storage, - "Maildir filename has wrong S value: %s", path); + if (field == MAIL_FETCH_VIRTUAL_SIZE && + maildir_filename_get_size(fname, MAILDIR_EXTRA_VIRTUAL_SIZE, + &size)) { + wrong_key = 'W'; + } else if (field == MAIL_FETCH_PHYSICAL_SIZE && + maildir_filename_get_size(fname, MAILDIR_EXTRA_FILE_SIZE, + &size)) { + wrong_key = 'S'; + } else { + /* the broken size isn't in filename */ + return; } newpath = t_strdup_printf("%s/%s/%s", mailbox_get_path(&mbox->box), subdir, t_strdup_until(fname, p)); if (rename(path, newpath) == 0) { - i_warning("Renamed broken maildir filename %s to %s", - path, newpath); + mail_storage_set_critical(mail->box->storage, + "Maildir filename has wrong %c value, " + "renamed the file from %s to %s", + wrong_key, path, newpath); } else { mail_storage_set_critical(mail->box->storage, - "rename(%s, %s) failed: %m", path, newpath); + "Maildir filename has wrong %c value, " + "but rename(%s, %s) failed: %m", + wrong_key, path, newpath); } } From dovecot at dovecot.org Tue Nov 8 22:39:39 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 08 Nov 2011 22:39:39 +0200 Subject: dovecot-2.1: eacces_error_get*(): Crashfix for recent change. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/439ba86c91fc changeset: 13674:439ba86c91fc user: Timo Sirainen date: Tue Nov 08 22:49:57 2011 +0200 description: eacces_error_get*(): Crashfix for recent change. diffstat: src/lib/eacces-error.c | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diffs (13 lines): diff -r 762b31157c42 -r 439ba86c91fc src/lib/eacces-error.c --- a/src/lib/eacces-error.c Tue Nov 08 22:38:36 2011 +0200 +++ b/src/lib/eacces-error.c Tue Nov 08 22:49:57 2011 +0200 @@ -67,6 +67,9 @@ case W_OK: mode = 02; break; + case X_OK: + mode = 01; + break; default: i_unreached(); } From dovecot at dovecot.org Tue Nov 8 23:30:38 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 08 Nov 2011 23:30:38 +0200 Subject: dovecot-2.1: login proxy: Verify that remote hostname matches SS... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/7e3afd2252fd changeset: 13675:7e3afd2252fd user: Timo Sirainen date: Tue Nov 08 23:40:54 2011 +0200 description: login proxy: Verify that remote hostname matches SSL cert, unless ssl=any-cert diffstat: configure.in | 2 +- src/lib-ssl-iostream/iostream-openssl.c | 17 +++++++++++------ src/lib-ssl-iostream/iostream-openssl.h | 1 + src/login-common/Makefile.am | 3 ++- src/login-common/login-proxy.c | 18 ++++++++++++------ src/login-common/ssl-proxy-openssl.c | 6 ++++++ src/login-common/ssl-proxy.c | 6 ++++++ src/login-common/ssl-proxy.h | 1 + 8 files changed, 40 insertions(+), 14 deletions(-) diffs (167 lines): diff -r 439ba86c91fc -r 7e3afd2252fd configure.in --- a/configure.in Tue Nov 08 22:49:57 2011 +0200 +++ b/configure.in Tue Nov 08 23:40:54 2011 +0200 @@ -2487,7 +2487,7 @@ LIBDOVECOT_STORAGE_LAST='$(top_builddir)/src/lib-storage/list/libstorage_list.la $(top_builddir)/src/lib-storage/index/libstorage_index.la $(top_builddir)/src/lib-storage/libstorage.la $(top_builddir)/src/lib-index/libindex.la' LIBDOVECOT_STORAGE_FIRST='$(top_builddir)/src/lib-storage/libstorage_service.la $(top_builddir)/src/lib-storage/register/libstorage_register.la' LIBDOVECOT_STORAGE="$LIBDOVECOT_STORAGE_FIRST $LINKED_STORAGE_LIBS $LIBDOVECOT_STORAGE_LAST" - LIBDOVECOT_LOGIN='$(top_builddir)/src/login-common/liblogin.la' + LIBDOVECOT_LOGIN='$(top_builddir)/src/login-common/liblogin.la $(top_builddir)/src/lib-ssl-iostream/libssl_iostream.la' LIBDOVECOT_LDA='$(top_builddir)/src/lib-lda/liblda.la' fi LIBDOVECOT_SQL='$(top_builddir)/src/lib-sql/libsql.la' diff -r 439ba86c91fc -r 7e3afd2252fd src/lib-ssl-iostream/iostream-openssl.c --- a/src/lib-ssl-iostream/iostream-openssl.c Tue Nov 08 22:49:57 2011 +0200 +++ b/src/lib-ssl-iostream/iostream-openssl.c Tue Nov 08 23:40:54 2011 +0200 @@ -492,8 +492,7 @@ return asn1_string_to_c(str); } -int ssl_iostream_cert_match_name(struct ssl_iostream *ssl_io, - const char *verify_name) +int openssl_cert_match_name(SSL *ssl, const char *verify_name) { X509 *cert; STACK_OF(GENERAL_NAME) *gnames; @@ -502,10 +501,7 @@ bool dns_names = FALSE; unsigned int i, count; - if (!ssl_iostream_has_valid_client_cert(ssl_io)) - return -1; - - cert = SSL_get_peer_certificate(ssl_io->ssl); + cert = SSL_get_peer_certificate(ssl); i_assert(cert != NULL); /* verify against SubjectAltNames */ @@ -529,6 +525,15 @@ return strcmp(get_cname(cert), verify_name) == 0 ? 0 : -1; } +int ssl_iostream_cert_match_name(struct ssl_iostream *ssl_io, + const char *verify_name) +{ + if (!ssl_iostream_has_valid_client_cert(ssl_io)) + return -1; + + return openssl_cert_match_name(ssl_io->ssl, verify_name); +} + int ssl_iostream_handshake(struct ssl_iostream *ssl_io) { int ret; diff -r 439ba86c91fc -r 7e3afd2252fd src/lib-ssl-iostream/iostream-openssl.h --- a/src/lib-ssl-iostream/iostream-openssl.h Tue Nov 08 22:49:57 2011 +0200 +++ b/src/lib-ssl-iostream/iostream-openssl.h Tue Nov 08 23:40:54 2011 +0200 @@ -60,6 +60,7 @@ int ssl_iostream_load_key(const struct ssl_iostream_settings *set, const char *key_source, EVP_PKEY **pkey_r); const char *ssl_iostream_get_use_certificate_error(const char *cert); +int openssl_cert_match_name(SSL *ssl, const char *verify_name); /* Sync plain_input/plain_output streams with BIOs. Returns TRUE if at least one byte was read/written. */ diff -r 439ba86c91fc -r 7e3afd2252fd src/login-common/Makefile.am --- a/src/login-common/Makefile.am Tue Nov 08 22:49:57 2011 +0200 +++ b/src/login-common/Makefile.am Tue Nov 08 23:40:54 2011 +0200 @@ -6,6 +6,7 @@ -I$(top_srcdir)/src/lib-auth \ -I$(top_srcdir)/src/lib-dns \ -I$(top_srcdir)/src/lib-master \ + -I$(top_srcdir)/src/lib-ssl-iostream \ -DPKG_STATEDIR=\""$(statedir)"\" liblogin_la_SOURCES = \ @@ -39,6 +40,6 @@ pkglib_LTLIBRARIES = libdovecot-login.la libdovecot_login_la_SOURCES = -libdovecot_login_la_LIBADD = liblogin.la ../lib-dovecot/libdovecot.la +libdovecot_login_la_LIBADD = liblogin.la ../lib-ssl-iostream/libssl_iostream.la ../lib-dovecot/libdovecot.la libdovecot_login_la_DEPENDENCIES = liblogin.la libdovecot_login_la_LDFLAGS = -export-dynamic diff -r 439ba86c91fc -r 7e3afd2252fd src/login-common/login-proxy.c --- a/src/login-common/login-proxy.c Tue Nov 08 22:49:57 2011 +0200 +++ b/src/login-common/login-proxy.c Tue Nov 08 23:40:54 2011 +0200 @@ -507,18 +507,24 @@ { struct login_proxy *proxy = context; - if ((proxy->ssl_flags & PROXY_SSL_FLAG_ANY_CERT) != 0 || - ssl_proxy_has_valid_client_cert(proxy->ssl_server_proxy)) + if ((proxy->ssl_flags & PROXY_SSL_FLAG_ANY_CERT) != 0) return 0; - if (!ssl_proxy_has_broken_client_cert(proxy->ssl_server_proxy)) { + if (ssl_proxy_has_broken_client_cert(proxy->ssl_server_proxy)) { + client_log_err(proxy->client, t_strdup_printf( + "proxy: Received invalid SSL certificate from %s:%u", + proxy->host, proxy->port)); + } else if (!ssl_proxy_has_valid_client_cert(proxy->ssl_server_proxy)) { client_log_err(proxy->client, t_strdup_printf( "proxy: SSL certificate not received from %s:%u", proxy->host, proxy->port)); + } else if (ssl_proxy_cert_match_name(proxy->ssl_server_proxy, + proxy->host) < 0) { + client_log_err(proxy->client, t_strdup_printf( + "proxy: hostname doesn't match SSL certificate at %s:%u", + proxy->host, proxy->port)); } else { - client_log_err(proxy->client, t_strdup_printf( - "proxy: Received invalid SSL certificate from %s:%u", - proxy->host, proxy->port)); + return 0; } proxy->disconnecting = TRUE; return -1; diff -r 439ba86c91fc -r 7e3afd2252fd src/login-common/ssl-proxy-openssl.c --- a/src/login-common/ssl-proxy-openssl.c Tue Nov 08 22:49:57 2011 +0200 +++ b/src/login-common/ssl-proxy-openssl.c Tue Nov 08 23:40:54 2011 +0200 @@ -19,6 +19,7 @@ #ifdef HAVE_OPENSSL +#include "iostream-openssl.h" #include #include #include @@ -665,6 +666,11 @@ return proxy->cert_received && proxy->cert_broken; } +int ssl_proxy_cert_match_name(struct ssl_proxy *proxy, const char *verify_name) +{ + return openssl_cert_match_name(proxy->ssl, verify_name); +} + const char *ssl_proxy_get_peer_name(struct ssl_proxy *proxy) { X509 *x509; diff -r 439ba86c91fc -r 7e3afd2252fd src/login-common/ssl-proxy.c --- a/src/login-common/ssl-proxy.c Tue Nov 08 22:49:57 2011 +0200 +++ b/src/login-common/ssl-proxy.c Tue Nov 08 23:40:54 2011 +0200 @@ -46,6 +46,12 @@ return FALSE; } +int ssl_proxy_cert_match_name(struct ssl_proxy *proxy ATTR_UNUSED, + const char *verify_name ATTR_UNUSED) +{ + return -1; +} + const char *ssl_proxy_get_peer_name(struct ssl_proxy *proxy ATTR_UNUSED) { return NULL; diff -r 439ba86c91fc -r 7e3afd2252fd src/login-common/ssl-proxy.h --- a/src/login-common/ssl-proxy.h Tue Nov 08 22:49:57 2011 +0200 +++ b/src/login-common/ssl-proxy.h Tue Nov 08 23:40:54 2011 +0200 @@ -24,6 +24,7 @@ void ssl_proxy_set_client(struct ssl_proxy *proxy, struct client *client); bool ssl_proxy_has_valid_client_cert(const struct ssl_proxy *proxy) ATTR_PURE; bool ssl_proxy_has_broken_client_cert(struct ssl_proxy *proxy); +int ssl_proxy_cert_match_name(struct ssl_proxy *proxy, const char *verify_name); const char *ssl_proxy_get_peer_name(struct ssl_proxy *proxy); bool ssl_proxy_is_handshaked(const struct ssl_proxy *proxy) ATTR_PURE; const char *ssl_proxy_get_last_error(const struct ssl_proxy *proxy) ATTR_PURE; From dovecot at dovecot.org Tue Nov 8 23:34:47 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 08 Nov 2011 23:34:47 +0200 Subject: dovecot-2.1: TODO updated Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/825a122eb9d3 changeset: 13677:825a122eb9d3 user: Timo Sirainen date: Tue Nov 08 23:45:05 2011 +0200 description: TODO updated diffstat: TODO | 21 ++++++++++----------- 1 files changed, 10 insertions(+), 11 deletions(-) diffs (62 lines): diff -r 72e894a8d267 -r 825a122eb9d3 TODO --- a/TODO Tue Nov 08 23:44:31 2011 +0200 +++ b/TODO Tue Nov 08 23:45:05 2011 +0200 @@ -1,5 +1,14 @@ + - imapc: + - prefetching to THREAD and SORT + - check all imap extensions and see if some don't work (condstore) + - imapc: replacing existing imapc stream in error recovery crashes with + file index-mail.c: line 812 (index_mail_stream_destroy_callback): + assertion failed: (mail->data.destroying_stream) + - SASL success data response: convert to extra roundtrip with imap/pop3, + implement somehow to managesieve + - per-namespace imapc_* settings? + - mdbox/sdbox index rebuild -> quota rebuild? - - anvil crash -> Error: Anvil client not compatible with this server (mixed old and new binaries?) - solr separate attachments (patch) - sql connection pooling: Count lookup latencies, avoid servers with significantly higher latencies. @@ -10,16 +19,11 @@ - fuzzy: be fuzzy about date/size - fix proxy_maybe=fqdn - mailbox list index: - - indexing name="" probably crashes in index_mailbox_list_sync_name() - with in-memory indexes be sure to refresh it more often - refreshing could refresh only the parts that are actually requested, e.g. % - mailbox_get_metadata(guid) could be optimized - virtual could use it to avoid keeping all mailboxes open - - imapc: - - lda/lmtp crashes because saved mail's seq=0 - - prefetching to THREAD and SORT - - after LIST "" * is refreshed, delete all unlisted local index dirs - check: - dsyncing between two namespace separators is probably broken.. - remove mail_deliver_session after all, do all the stuff transparently @@ -57,9 +61,6 @@ - SEARCH SENT*/HEADER/etc. doesn't seem optimized when using with TEXT/BODY - dict sql: support ignoring some search key hierarchies (e.g. acl "anyone") - - fts-solr: crashes if expunge is done while search is indexing - - fts-solr: handle DELETE, RENAME. use mailbox GUIDs (optionally) - - mdbox - dotlocking: cleanup should delete stale *.lock files - purging seems to be inefficient. run imaptest for a while, get >500 @@ -108,7 +109,6 @@ - search: use mail_get_parts() only when it's already cached. if it's not, add it to cache afterwards. - move ssl proxying code to lib-master - - proxy: verify ssl cert's cname - dict pooling /* currently non-external transactions can be applied multiple times, @@ -158,7 +158,6 @@ - recent_uids assert at least with mbox - quota fs: Should values returned by quota be divided by the actual filesystem block size instead of hardcoded DEV_BSIZE? not with AIX.. - - lucene: handle replacement chars? - squat: - wrong indexid - fts_build_init() assertion failed: (last_uid < last_uid_locked) From dovecot at dovecot.org Tue Nov 8 23:34:47 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 08 Nov 2011 23:34:47 +0200 Subject: dovecot-2.1: README: Added FUZZY RFC. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/72e894a8d267 changeset: 13676:72e894a8d267 user: Timo Sirainen date: Tue Nov 08 23:44:31 2011 +0200 description: README: Added FUZZY RFC. diffstat: README | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (11 lines): diff -r 7e3afd2252fd -r 72e894a8d267 README --- a/README Tue Nov 08 23:40:54 2011 +0200 +++ b/README Tue Nov 08 23:44:31 2011 +0200 @@ -54,6 +54,7 @@ 5267 - Contexts for IMAP4 5530 - IMAP Response Codes 5819 - IMAP4 Extension for Returning STATUS Information in Extended LIST + 6203 - IMAP4 Extension for Fuzzy Search Contact info ------------ From dovecot at dovecot.org Tue Nov 8 23:59:16 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 08 Nov 2011 23:59:16 +0200 Subject: dovecot-2.1: Make static analyzer happier. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/b43bbf9b705d changeset: 13678:b43bbf9b705d user: Timo Sirainen date: Wed Nov 09 00:09:35 2011 +0200 description: Make static analyzer happier. diffstat: src/lib-storage/list/mailbox-list-index-sync.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (11 lines): diff -r 825a122eb9d3 -r b43bbf9b705d src/lib-storage/list/mailbox-list-index-sync.c --- a/src/lib-storage/list/mailbox-list-index-sync.c Tue Nov 08 23:45:05 2011 +0200 +++ b/src/lib-storage/list/mailbox-list-index-sync.c Wed Nov 09 00:09:35 2011 +0200 @@ -98,6 +98,7 @@ node = parent; if (path[i] == NULL) { /* the entire path exists */ + i_assert(node != NULL); if (!mail_index_lookup_seq(ctx->view, node->uid, &seq)) i_panic("mailbox list index: lost uid=%u", node->uid); } else { From dovecot at dovecot.org Wed Nov 9 00:26:28 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 09 Nov 2011 00:26:28 +0200 Subject: dovecot-2.1: Released v2.1.beta1. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/437ae2c24872 changeset: 13679:437ae2c24872 user: Timo Sirainen date: Wed Nov 09 00:10:04 2011 +0200 description: Released v2.1.beta1. diffstat: NEWS | 2 +- configure.in | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diffs (19 lines): diff -r b43bbf9b705d -r 437ae2c24872 NEWS --- a/NEWS Wed Nov 09 00:09:35 2011 +0200 +++ b/NEWS Wed Nov 09 00:10:04 2011 +0200 @@ -1,4 +1,4 @@ -v2.1.UNSTABLE 2011-xx-xx Timo Sirainen +v2.1.beta1 2011-11-08 Timo Sirainen * Plugins now use UTF-8 mailbox names rather than mUTF-7: acl, autocreate, expire, trash, virtual diff -r b43bbf9b705d -r 437ae2c24872 configure.in --- a/configure.in Wed Nov 09 00:09:35 2011 +0200 +++ b/configure.in Wed Nov 09 00:10:04 2011 +0200 @@ -1,5 +1,5 @@ AC_PREREQ([2.59]) -AC_INIT([Dovecot],[2.1.alpha2],[dovecot at dovecot.org]) +AC_INIT([Dovecot],[2.1.beta1],[dovecot at dovecot.org]) AC_CONFIG_SRCDIR([src]) AM_INIT_AUTOMAKE([foreign]) From dovecot at dovecot.org Wed Nov 9 00:26:28 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 09 Nov 2011 00:26:28 +0200 Subject: dovecot-2.1: Added tag 2.1.beta1 for changeset 437ae2c24872 Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/255f39b1e8ba changeset: 13680:255f39b1e8ba user: Timo Sirainen date: Wed Nov 09 00:10:04 2011 +0200 description: Added tag 2.1.beta1 for changeset 437ae2c24872 diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r 437ae2c24872 -r 255f39b1e8ba .hgtags --- a/.hgtags Wed Nov 09 00:10:04 2011 +0200 +++ b/.hgtags Wed Nov 09 00:10:04 2011 +0200 @@ -68,3 +68,4 @@ 8ae243558677b23f2077c3fe9683cc7890f5eb5d 2.1.alpha1 11ef524500964054ae8e4e6150f890b1864139eb 2.0.15 f9e744ffe02135f6dc75e62db366bd39a8e19f99 2.1.alpha2 +437ae2c24872b59056d08c7e67a0db5354710065 2.1.beta1 From dovecot at dovecot.org Wed Nov 9 00:26:28 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 09 Nov 2011 00:26:28 +0200 Subject: dovecot-2.1: Added signature for changeset 437ae2c24872 Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/12bd19be1315 changeset: 13681:12bd19be1315 user: Timo Sirainen date: Wed Nov 09 00:10:07 2011 +0200 description: Added signature for changeset 437ae2c24872 diffstat: .hgsigs | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r 255f39b1e8ba -r 12bd19be1315 .hgsigs --- a/.hgsigs Wed Nov 09 00:10:04 2011 +0200 +++ b/.hgsigs Wed Nov 09 00:10:07 2011 +0200 @@ -31,3 +31,4 @@ 8ae243558677b23f2077c3fe9683cc7890f5eb5d 0 iEYEABECAAYFAk5fSWYACgkQyUhSUUBVism47wCeJe0dWWZZLLXgn3r5oBg+jy9UtN0An3qCOCwxFxql7Ik42c/6kUKiCd1V 11ef524500964054ae8e4e6150f890b1864139eb 0 iEYEABECAAYFAk5zUvIACgkQyUhSUUBVisnDTgCdHVHSwKeZjHV4KrlTmqipFoO26mkAoIMqPTna3Y1ETIGnPq6XRCB90C8p f9e744ffe02135f6dc75e62db366bd39a8e19f99 0 iEYEABECAAYFAk5zVngACgkQyUhSUUBVisntgQCfaceKIsHTtbu6LpUd2Tjj8lIHXZYAn3mCNW+Fc43t6M1tIE/ZUEwiWzCv +437ae2c24872b59056d08c7e67a0db5354710065 0 iEYEABECAAYFAk65qLwACgkQyUhSUUBVismRQACfad1LMF1iLd3vsFmxsONlDFEgxVwAnRmJRtv17mIUxvuzixLgc6bEtJvX From dovecot at dovecot.org Wed Nov 9 12:45:16 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 09 Nov 2011 12:45:16 +0200 Subject: dovecot-2.1: maildir: When renaming filename due to broken size,... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/0a3eafad58c0 changeset: 13682:0a3eafad58c0 user: Timo Sirainen date: Wed Nov 09 12:55:37 2011 +0200 description: maildir: When renaming filename due to broken size, don't forget message flags. diffstat: src/lib-storage/index/maildir/maildir-mail.c | 10 +++++++--- 1 files changed, 7 insertions(+), 3 deletions(-) diffs (27 lines): diff -r 12bd19be1315 -r 0a3eafad58c0 src/lib-storage/index/maildir/maildir-mail.c --- a/src/lib-storage/index/maildir/maildir-mail.c Wed Nov 09 00:10:07 2011 +0200 +++ b/src/lib-storage/index/maildir/maildir-mail.c Wed Nov 09 12:55:37 2011 +0200 @@ -618,7 +618,7 @@ { struct maildir_mailbox *mbox = (struct maildir_mailbox *)mail->box; enum maildir_uidlist_rec_flag flags; - const char *subdir, *fname, *path, *newpath, *p; + const char *subdir, *fname, *path, *newpath, *p, *fname_info; uoff_t size; char wrong_key; @@ -647,8 +647,12 @@ return; } - newpath = t_strdup_printf("%s/%s/%s", mailbox_get_path(&mbox->box), - subdir, t_strdup_until(fname, p)); + fname_info = strchr(fname, MAILDIR_INFO_SEP); + if (fname_info == NULL) + fname_info = ""; + + newpath = t_strdup_printf("%s/%s/%s%s", mailbox_get_path(&mbox->box), + subdir, t_strdup_until(fname, p), fname_info); if (rename(path, newpath) == 0) { mail_storage_set_critical(mail->box->storage, "Maildir filename has wrong %c value, " From dovecot at dovecot.org Wed Nov 9 13:14:35 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 09 Nov 2011 13:14:35 +0200 Subject: dovecot-2.1: maildir: Whenever we're guessing a filename correct... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/b29d9d98f5c0 changeset: 13683:b29d9d98f5c0 user: Timo Sirainen date: Wed Nov 09 13:24:49 2011 +0200 description: maildir: Whenever we're guessing a filename correctly, remember it in uidlist. diffstat: src/lib-storage/index/maildir/maildir-uidlist.c | 14 ++++++++++++++ src/lib-storage/index/maildir/maildir-uidlist.h | 2 ++ src/lib-storage/index/maildir/maildir-util.c | 15 ++++++++++----- 3 files changed, 26 insertions(+), 5 deletions(-) diffs (67 lines): diff -r 0a3eafad58c0 -r b29d9d98f5c0 src/lib-storage/index/maildir/maildir-uidlist.c --- a/src/lib-storage/index/maildir/maildir-uidlist.c Wed Nov 09 12:55:37 2011 +0200 +++ b/src/lib-storage/index/maildir/maildir-uidlist.c Wed Nov 09 13:24:49 2011 +0200 @@ -1868,6 +1868,20 @@ return TRUE; } +void maildir_uidlist_update_fname(struct maildir_uidlist *uidlist, + const char *filename) +{ + struct maildir_uidlist_rec *rec; + + rec = hash_table_lookup(uidlist->files, filename); + if (rec == NULL) + return; + + rec->flags &= ~MAILDIR_UIDLIST_REC_FLAG_NONSYNCED; + if (strcmp(rec->filename, filename) != 0) + rec->filename = p_strdup(uidlist->record_pool, filename); +} + const char * maildir_uidlist_get_full_filename(struct maildir_uidlist *uidlist, const char *filename) diff -r 0a3eafad58c0 -r b29d9d98f5c0 src/lib-storage/index/maildir/maildir-uidlist.h --- a/src/lib-storage/index/maildir/maildir-uidlist.h Wed Nov 09 12:55:37 2011 +0200 +++ b/src/lib-storage/index/maildir/maildir-uidlist.h Wed Nov 09 13:24:49 2011 +0200 @@ -127,6 +127,8 @@ struct maildir_uidlist_rec *rec, enum maildir_uidlist_rec_ext_key key, const char *value); +void maildir_uidlist_update_fname(struct maildir_uidlist *uidlist, + const char *filename); const char * maildir_uidlist_sync_get_full_filename(struct maildir_uidlist_sync_ctx *ctx, const char *filename); diff -r 0a3eafad58c0 -r b29d9d98f5c0 src/lib-storage/index/maildir/maildir-util.c --- a/src/lib-storage/index/maildir/maildir-util.c Wed Nov 09 12:55:37 2011 +0200 +++ b/src/lib-storage/index/maildir/maildir-util.c Wed Nov 09 13:24:49 2011 +0200 @@ -88,17 +88,22 @@ &flags, &have_flags); } + ret = 0; if ((flags & MAILDIR_UIDLIST_REC_FLAG_NEW_DIR) != 0) { /* probably in new/ dir */ path = t_strconcat(mailbox_get_path(&mbox->box), "/new/", fname, NULL); ret = callback(mbox, path, context); - if (ret != 0) - return ret; } - - path = t_strconcat(mailbox_get_path(&mbox->box), "/cur/", fname, NULL); - ret = callback(mbox, path, context); + if (ret == 0) { + path = t_strconcat(mailbox_get_path(&mbox->box), "/cur/", + fname, NULL); + ret = callback(mbox, path, context); + } + if (ret > 0 && (flags & MAILDIR_UIDLIST_REC_FLAG_NONSYNCED) != 0) { + /* file was found. make sure we remember its latest name. */ + maildir_uidlist_update_fname(mbox->uidlist, fname); + } return ret; } From dovecot at dovecot.org Wed Nov 9 14:04:55 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 09 Nov 2011 14:04:55 +0200 Subject: dovecot-2.1: maildir: When fixing broken size in filename, try h... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/a155105e298e changeset: 13684:a155105e298e user: Timo Sirainen date: Wed Nov 09 14:15:18 2011 +0200 description: maildir: When fixing broken size in filename, try harder to find the latest filename. diffstat: src/lib-storage/index/maildir/maildir-mail.c | 62 ++++++++++++++++----------- 1 files changed, 36 insertions(+), 26 deletions(-) diffs (92 lines): diff -r b29d9d98f5c0 -r a155105e298e src/lib-storage/index/maildir/maildir-mail.c --- a/src/lib-storage/index/maildir/maildir-mail.c Wed Nov 09 13:24:49 2011 +0200 +++ b/src/lib-storage/index/maildir/maildir-mail.c Wed Nov 09 14:15:18 2011 +0200 @@ -612,28 +612,54 @@ } } +static int +do_fix_size(struct maildir_mailbox *mbox, const char *path, + const char *wrong_key_p) +{ + const char *fname, *newpath, *extra, *info, *dir; + + fname = strrchr(path, '/'); + i_assert(fname != NULL); + dir = t_strdup_until(path, fname++); + + extra = strchr(fname, MAILDIR_EXTRA_SEP); + i_assert(extra != NULL); + info = strchr(fname, MAILDIR_INFO_SEP); + if (info == NULL) info = ""; + + newpath = t_strdup_printf("%s/%s%s", dir, + t_strdup_until(fname, extra), info); + + if (rename(path, newpath) == 0) { + mail_storage_set_critical(mbox->box.storage, + "Maildir filename has wrong %c value, " + "renamed the file from %s to %s", + *wrong_key_p, path, newpath); + return 1; + } + if (errno == ENOENT) + return 0; + + mail_storage_set_critical(&mbox->storage->storage, + "rename(%s, %s) failed: %m", path, newpath); + return -1; +} + static void maildir_mail_remove_sizes_from_filename(struct mail *mail, enum mail_fetch_field field) { struct maildir_mailbox *mbox = (struct maildir_mailbox *)mail->box; enum maildir_uidlist_rec_flag flags; - const char *subdir, *fname, *path, *newpath, *p, *fname_info; + const char *fname; uoff_t size; char wrong_key; if (maildir_sync_lookup(mbox, mail->uid, &flags, &fname) <= 0) return; - - p = strchr(fname, MAILDIR_EXTRA_SEP); - if (p == NULL) + if (strchr(fname, MAILDIR_EXTRA_SEP) == NULL) return; - subdir = (flags & MAILDIR_UIDLIST_REC_FLAG_NEW_DIR) != 0 ? - "new" : "cur"; - path = t_strdup_printf("%s/%s/%s", mailbox_get_path(&mbox->box), - subdir, fname); - if (field == MAIL_FETCH_VIRTUAL_SIZE && maildir_filename_get_size(fname, MAILDIR_EXTRA_VIRTUAL_SIZE, &size)) { @@ -647,23 +673,7 @@ return; } - fname_info = strchr(fname, MAILDIR_INFO_SEP); - if (fname_info == NULL) - fname_info = ""; - - newpath = t_strdup_printf("%s/%s/%s%s", mailbox_get_path(&mbox->box), - subdir, t_strdup_until(fname, p), fname_info); - if (rename(path, newpath) == 0) { - mail_storage_set_critical(mail->box->storage, - "Maildir filename has wrong %c value, " - "renamed the file from %s to %s", - wrong_key, path, newpath); - } else { - mail_storage_set_critical(mail->box->storage, - "Maildir filename has wrong %c value, " - "but rename(%s, %s) failed: %m", - wrong_key, path, newpath); - } + (void)maildir_file_do(mbox, mail->uid, do_fix_size, &wrong_key); } static void maildir_mail_set_cache_corrupted(struct mail *_mail, From dovecot at dovecot.org Wed Nov 9 17:55:04 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 09 Nov 2011 17:55:04 +0200 Subject: dovecot-2.0: lmtp: Default vsz_limit wasn't used for lmtp service. Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/b6421044fab8 changeset: 12958:b6421044fab8 user: Timo Sirainen date: Wed Nov 09 18:05:25 2011 +0200 description: lmtp: Default vsz_limit wasn't used for lmtp service. diffstat: src/lmtp/lmtp-settings.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diffs (12 lines): diff -r 0cf3215cdf2d -r b6421044fab8 src/lmtp/lmtp-settings.c --- a/src/lmtp/lmtp-settings.c Sat Nov 05 19:37:23 2011 +0200 +++ b/src/lmtp/lmtp-settings.c Wed Nov 09 18:05:25 2011 +0200 @@ -44,7 +44,7 @@ .client_limit = 1, .service_count = 0, .idle_kill = 0, - .vsz_limit = 0, + .vsz_limit = (uoff_t)-1, .unix_listeners = { { &lmtp_unix_listeners_buf, sizeof(lmtp_unix_listeners[0]) } }, From dovecot at dovecot.org Wed Nov 9 17:57:02 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 09 Nov 2011 17:57:02 +0200 Subject: dovecot-2.0: master: vsz_limit enforcement was done for 1024 tim... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/30d16ea01b73 changeset: 12959:30d16ea01b73 user: Timo Sirainen date: Wed Nov 09 18:07:28 2011 +0200 description: master: vsz_limit enforcement was done for 1024 times too much memory. diffstat: src/master/service-process.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diffs (12 lines): diff -r b6421044fab8 -r 30d16ea01b73 src/master/service-process.c --- a/src/master/service-process.c Wed Nov 09 18:05:25 2011 +0200 +++ b/src/master/service-process.c Wed Nov 09 18:07:28 2011 +0200 @@ -157,7 +157,7 @@ unsigned int len; if (service->vsz_limit != 0) - restrict_process_size(service->vsz_limit/1024, -1U); + restrict_process_size(service->vsz_limit/1024/1024, -1U); restrict_access_init(&rset); rset.uid = service->uid; From dovecot at dovecot.org Wed Nov 9 17:57:12 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 09 Nov 2011 17:57:12 +0200 Subject: dovecot-2.1: lmtp: Default vsz_limit wasn't used for lmtp service. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/011f10758702 changeset: 13685:011f10758702 user: Timo Sirainen date: Wed Nov 09 18:05:25 2011 +0200 description: lmtp: Default vsz_limit wasn't used for lmtp service. diffstat: src/lmtp/lmtp-settings.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diffs (12 lines): diff -r a155105e298e -r 011f10758702 src/lmtp/lmtp-settings.c --- a/src/lmtp/lmtp-settings.c Wed Nov 09 14:15:18 2011 +0200 +++ b/src/lmtp/lmtp-settings.c Wed Nov 09 18:05:25 2011 +0200 @@ -44,7 +44,7 @@ .client_limit = 1, .service_count = 0, .idle_kill = 0, - .vsz_limit = 0, + .vsz_limit = (uoff_t)-1, .unix_listeners = { { &lmtp_unix_listeners_buf, sizeof(lmtp_unix_listeners[0]) } }, From dovecot at dovecot.org Wed Nov 9 17:57:13 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 09 Nov 2011 17:57:13 +0200 Subject: dovecot-2.1: master: vsz_limit enforcement was done for 1024 tim... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/94c95853f25c changeset: 13686:94c95853f25c user: Timo Sirainen date: Wed Nov 09 18:07:28 2011 +0200 description: master: vsz_limit enforcement was done for 1024 times too much memory. diffstat: src/master/service-process.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diffs (12 lines): diff -r 011f10758702 -r 94c95853f25c src/master/service-process.c --- a/src/master/service-process.c Wed Nov 09 18:05:25 2011 +0200 +++ b/src/master/service-process.c Wed Nov 09 18:07:28 2011 +0200 @@ -157,7 +157,7 @@ unsigned int len; if (service->vsz_limit != 0) - restrict_process_size(service->vsz_limit/1024, -1U); + restrict_process_size(service->vsz_limit/1024/1024, -1U); restrict_access_init(&rset); rset.uid = service->uid; From dovecot at dovecot.org Wed Nov 9 18:04:19 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 09 Nov 2011 18:04:19 +0200 Subject: dovecot-2.0: imap/pop3-login: Use default_vsz_limit instead of a... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/37c044235948 changeset: 12960:37c044235948 user: Timo Sirainen date: Wed Nov 09 18:14:04 2011 +0200 description: imap/pop3-login: Use default_vsz_limit instead of adding our own. There's not a huge difference between 64 MB and the default 256 MB, and this change makes it easier to change the default limit globally. diffstat: src/imap-login/imap-login-settings.c | 2 +- src/pop3-login/pop3-login-settings.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diffs (24 lines): diff -r 30d16ea01b73 -r 37c044235948 src/imap-login/imap-login-settings.c --- a/src/imap-login/imap-login-settings.c Wed Nov 09 18:07:28 2011 +0200 +++ b/src/imap-login/imap-login-settings.c Wed Nov 09 18:14:04 2011 +0200 @@ -41,7 +41,7 @@ .client_limit = 0, .service_count = 1, .idle_kill = 0, - .vsz_limit = 64*1024*1024, + .vsz_limit = (uoff_t)-1, .unix_listeners = ARRAY_INIT, .fifo_listeners = ARRAY_INIT, diff -r 30d16ea01b73 -r 37c044235948 src/pop3-login/pop3-login-settings.c --- a/src/pop3-login/pop3-login-settings.c Wed Nov 09 18:07:28 2011 +0200 +++ b/src/pop3-login/pop3-login-settings.c Wed Nov 09 18:14:04 2011 +0200 @@ -41,7 +41,7 @@ .client_limit = 0, .service_count = 1, .idle_kill = 0, - .vsz_limit = 64*1024*1024, + .vsz_limit = (uoff_t)-1, .unix_listeners = ARRAY_INIT, .fifo_listeners = ARRAY_INIT, From dovecot at dovecot.org Wed Nov 9 18:04:35 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 09 Nov 2011 18:04:35 +0200 Subject: dovecot-2.1: imap/pop3-login: Use default_vsz_limit instead of a... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/9bdc40e2d1c6 changeset: 13687:9bdc40e2d1c6 user: Timo Sirainen date: Wed Nov 09 18:14:04 2011 +0200 description: imap/pop3-login: Use default_vsz_limit instead of adding our own. There's not a huge difference between 64 MB and the default 256 MB, and this change makes it easier to change the default limit globally. diffstat: src/imap-login/imap-login-settings.c | 2 +- src/pop3-login/pop3-login-settings.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diffs (24 lines): diff -r 94c95853f25c -r 9bdc40e2d1c6 src/imap-login/imap-login-settings.c --- a/src/imap-login/imap-login-settings.c Wed Nov 09 18:07:28 2011 +0200 +++ b/src/imap-login/imap-login-settings.c Wed Nov 09 18:14:04 2011 +0200 @@ -41,7 +41,7 @@ .client_limit = 0, .service_count = 1, .idle_kill = 0, - .vsz_limit = 64*1024*1024, + .vsz_limit = (uoff_t)-1, .unix_listeners = ARRAY_INIT, .fifo_listeners = ARRAY_INIT, diff -r 94c95853f25c -r 9bdc40e2d1c6 src/pop3-login/pop3-login-settings.c --- a/src/pop3-login/pop3-login-settings.c Wed Nov 09 18:07:28 2011 +0200 +++ b/src/pop3-login/pop3-login-settings.c Wed Nov 09 18:14:04 2011 +0200 @@ -41,7 +41,7 @@ .client_limit = 0, .service_count = 1, .idle_kill = 0, - .vsz_limit = 64*1024*1024, + .vsz_limit = (uoff_t)-1, .unix_listeners = ARRAY_INIT, .fifo_listeners = ARRAY_INIT, From pigeonhole at rename-it.nl Wed Nov 9 18:26:25 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Wed, 09 Nov 2011 17:26:25 +0100 Subject: dovecot-2.0-pigeonhole: managesieve-login: Use default_vsz_limit... Message-ID: details: http://hg.rename-it.nl/dovecot-2.0-pigeonhole/rev/5b1080bbeee5 changeset: 1543:5b1080bbeee5 user: Stephan Bosch date: Wed Nov 09 17:26:18 2011 +0100 description: managesieve-login: Use default_vsz_limit instead of adding our own. This change matches identical changes for Dovecot's imap-login and pop3-login. diffstat: src/managesieve-login/managesieve-login-settings.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diffs (12 lines): diff -r bf72eada1f1b -r 5b1080bbeee5 src/managesieve-login/managesieve-login-settings.c --- a/src/managesieve-login/managesieve-login-settings.c Wed Oct 05 19:10:44 2011 +0200 +++ b/src/managesieve-login/managesieve-login-settings.c Wed Nov 09 17:26:18 2011 +0100 @@ -51,7 +51,7 @@ .client_limit = 0, .service_count = 1, .idle_kill = 0, - .vsz_limit = 64*1024*1024, + .vsz_limit = (uoff_t)-1, .unix_listeners = ARRAY_INIT, .fifo_listeners = ARRAY_INIT, From dovecot at dovecot.org Wed Nov 9 18:23:33 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 09 Nov 2011 18:23:33 +0200 Subject: dovecot-2.1: restrict_access*(): If setuid() fails with EAGAIN, ... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/33ecba7f10cc changeset: 13688:33ecba7f10cc user: Timo Sirainen date: Wed Nov 09 18:20:51 2011 +0200 description: restrict_access*(): If setuid() fails with EAGAIN, suggest ulimit -u being the problem. diffstat: src/lib/restrict-access.c | 35 ++++++++++++++++++++++------------- 1 files changed, 22 insertions(+), 13 deletions(-) diffs (52 lines): diff -r 9bdc40e2d1c6 -r 33ecba7f10cc src/lib/restrict-access.c --- a/src/lib/restrict-access.c Wed Nov 09 18:14:04 2011 +0200 +++ b/src/lib/restrict-access.c Wed Nov 09 18:20:51 2011 +0200 @@ -236,6 +236,26 @@ } } +static const char * +get_setuid_error_str(const struct restrict_access_settings *set) +{ + string_t *str = t_str_new(128); + + str_printfa(str, "setuid(%s", get_uid_str(set->uid)); + if (set->uid_source != NULL) + str_printfa(str, " from %s", set->uid_source); + str_printfa(str, ") failed with euid=%s: %m ", + get_uid_str(geteuid())); + if (errno == EAGAIN) { + str_append(str, "(ulimit -u reached)"); + } else { + str_printfa(str, "(This binary should probably be called with " + "process user set to %s instead of %s)", + get_uid_str(set->uid), get_uid_str(geteuid())); + } + return str_c(str); +} + void restrict_access(const struct restrict_access_settings *set, const char *home, bool disallow_root) { @@ -303,19 +323,8 @@ /* uid last */ if (set->uid != (uid_t)-1) { - if (setuid(set->uid) != 0) { - string_t *str = t_str_new(128); - - str_printfa(str, "setuid(%s", get_uid_str(set->uid)); - if (set->uid_source != NULL) - str_printfa(str, " from %s", set->uid_source); - str_printfa(str, ") failed with euid=%s: %m " - "(This binary should probably be called with " - "process user set to %s instead of %s)", - get_uid_str(geteuid()), - get_uid_str(set->uid), get_uid_str(geteuid())); - i_fatal("%s", str_c(str)); - } + if (setuid(set->uid) != 0) + i_fatal("%s", get_setuid_error_str(set)); } /* verify that we actually dropped the privileges */ From dovecot at dovecot.org Wed Nov 9 18:23:33 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 09 Nov 2011 18:23:33 +0200 Subject: dovecot-2.1: restrict_process_size() API changes. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/523f34bffc94 changeset: 13689:523f34bffc94 user: Timo Sirainen date: Wed Nov 09 18:30:27 2011 +0200 description: restrict_process_size() API changes. diffstat: src/lib/restrict-process-size.c | 69 ++++++++++++++++++++++++---------------- src/lib/restrict-process-size.h | 11 ++++-- src/login-common/main.c | 2 +- src/master/service-process.c | 2 +- 4 files changed, 51 insertions(+), 33 deletions(-) diffs (146 lines): diff -r 33ecba7f10cc -r 523f34bffc94 src/lib/restrict-process-size.c --- a/src/lib/restrict-process-size.c Wed Nov 09 18:20:51 2011 +0200 +++ b/src/lib/restrict-process-size.c Wed Nov 09 18:30:27 2011 +0200 @@ -5,48 +5,47 @@ #include -void restrict_process_size(unsigned int size ATTR_UNUSED, - unsigned int max_processes ATTR_UNUSED) +void restrict_process_size(rlim_t bytes) { -#ifdef HAVE_SETRLIMIT struct rlimit rlim; -#ifdef HAVE_RLIMIT_NPROC - if (max_processes < INT_MAX) { - rlim.rlim_max = rlim.rlim_cur = max_processes; - if (setrlimit(RLIMIT_NPROC, &rlim) < 0) - i_fatal("setrlimit(RLIMIT_NPROC, %u): %m", size); + rlim.rlim_max = rlim.rlim_cur = bytes; + if (setrlimit(RLIMIT_DATA, &rlim) < 0) { + i_fatal("setrlimit(RLIMIT_DATA, %llu): %m", + (unsigned long long)bytes); } -#endif - - if (size > 0 && size < INT_MAX/1024/1024) { - rlim.rlim_max = rlim.rlim_cur = size*1024*1024; - - if (setrlimit(RLIMIT_DATA, &rlim) < 0) - i_fatal("setrlimit(RLIMIT_DATA, %u): %m", size); #ifdef HAVE_RLIMIT_AS - if (setrlimit(RLIMIT_AS, &rlim) < 0) - i_fatal("setrlimit(RLIMIT_AS, %u): %m", size); -#endif - } -#else - if (size != 0) { - i_warning("Can't restrict process size: " - "setrlimit() not supported by system. " - "Set the limit to 0 to hide this warning."); + if (setrlimit(RLIMIT_AS, &rlim) < 0) { + i_fatal("setrlimit(RLIMIT_AS, %llu): %m", + (unsigned long long)bytes); } #endif } -void restrict_fd_limit(unsigned int count) +void restrict_process_count(rlim_t count ATTR_UNUSED) +{ +#ifdef HAVE_RLIMIT_NPROC + struct rlimit rlim; + + rlim.rlim_max = rlim.rlim_cur = count; + if (setrlimit(RLIMIT_NPROC, &rlim) < 0) { + i_fatal("setrlimit(RLIMIT_NPROC, %llu): %m", + (unsigned long long)count); + } +#endif +} + +void restrict_fd_limit(rlim_t count) { #ifdef HAVE_SETRLIMIT struct rlimit rlim; rlim.rlim_cur = rlim.rlim_max = count; - if (setrlimit(RLIMIT_NOFILE, &rlim) < 0) - i_error("setrlimit(RLIMIT_NOFILE, %u): %m", count); + if (setrlimit(RLIMIT_NOFILE, &rlim) < 0) { + i_error("setrlimit(RLIMIT_NOFILE, %llu): %m", + (unsigned long long)count); + } #endif } @@ -65,3 +64,19 @@ return -1; #endif } + +int restrict_get_process_limit(rlim_t *limit_r) +{ +#ifdef HAVE_RLIMIT_NPROC + struct rlimit rlim; + + if (getrlimit(RLIMIT_NPROC, &rlim) < 0) { + i_error("getrlimit(RLIMIT_NPROC) failed: %m"); + return -1; + } + *limit_r = rlim.rlim_cur; + return 0; +#else + return -1; +#endif +} diff -r 33ecba7f10cc -r 523f34bffc94 src/lib/restrict-process-size.h --- a/src/lib/restrict-process-size.h Wed Nov 09 18:20:51 2011 +0200 +++ b/src/lib/restrict-process-size.h Wed Nov 09 18:30:27 2011 +0200 @@ -6,13 +6,16 @@ # include #endif -/* Restrict max. process size. The size is in megabytes, setting it to - (unsigned int)-1 sets it unlimited. */ -void restrict_process_size(unsigned int size, unsigned int max_processes); +/* Restrict max. process size. */ +void restrict_process_size(rlim_t bytes); +/* Restrict max. number of processes. */ +void restrict_process_count(rlim_t count); /* Set fd limit to count. */ -void restrict_fd_limit(unsigned int count); +void restrict_fd_limit(rlim_t count); /* Get the core dump size limit. Returns 0 if ok, -1 if lookup failed. */ int restrict_get_core_limit(rlim_t *limit_r); +/* Get the process count limit. Returns 0 if ok, -1 if lookup failed. */ +int restrict_get_process_limit(rlim_t *limit_r); #endif diff -r 33ecba7f10cc -r 523f34bffc94 src/login-common/main.c --- a/src/login-common/main.c Wed Nov 09 18:20:51 2011 +0200 +++ b/src/login-common/main.c Wed Nov 09 18:30:27 2011 +0200 @@ -291,7 +291,7 @@ static void main_init(const char *login_socket) { /* make sure we can't fork() */ - restrict_process_size((unsigned int)-1, 1); + restrict_process_count(1); if (restrict_access_get_current_chroot() == NULL) { if (chdir("login") < 0) diff -r 33ecba7f10cc -r 523f34bffc94 src/master/service-process.c --- a/src/master/service-process.c Wed Nov 09 18:20:51 2011 +0200 +++ b/src/master/service-process.c Wed Nov 09 18:30:27 2011 +0200 @@ -157,7 +157,7 @@ unsigned int len; if (service->vsz_limit != 0) - restrict_process_size(service->vsz_limit/1024/1024, -1U); + restrict_process_size(service->vsz_limit); restrict_access_init(&rset); rset.uid = service->uid; From dovecot at dovecot.org Wed Nov 9 18:23:33 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 09 Nov 2011 18:23:33 +0200 Subject: dovecot-2.1: master: Increase process count limit (ulimit -u) at... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/eace12589314 changeset: 13690:eace12589314 user: Timo Sirainen date: Wed Nov 09 18:33:59 2011 +0200 description: master: Increase process count limit (ulimit -u) at startup high enough that we don't reach it. diffstat: src/master/main.c | 22 ++++++++++++++++++++++ 1 files changed, 22 insertions(+), 0 deletions(-) diffs (34 lines): diff -r 523f34bffc94 -r eace12589314 src/master/main.c --- a/src/master/main.c Wed Nov 09 18:30:27 2011 +0200 +++ b/src/master/main.c Wed Nov 09 18:33:59 2011 +0200 @@ -428,8 +428,30 @@ i_info(STARTUP_STRING); } +static void master_set_process_limit(void) +{ + struct service *const *servicep; + unsigned int process_limit = 0; + rlim_t nproc; + + /* we'll just count all the processes that can exist and set the + process limit so that we won't reach it. it's usually higher than + needed, since we'd only need to set it high enough for each + separate UID not to reach the limit, but this is difficult to + guess: mail processes should probably be counted together for a + common vmail user (unless system users are being used), but + we can't really guess what the mail processes are. */ + array_foreach(&services->services, servicep) + process_limit += (*servicep)->process_limit; + + if (restrict_get_process_limit(&nproc) == 0 && + process_limit > nproc) + restrict_process_count(process_limit); +} + static void main_init(const struct master_settings *set) { + master_set_process_limit(); drop_capabilities(); /* deny file access from everyone else except owner */ From dovecot at dovecot.org Wed Nov 9 22:48:34 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 09 Nov 2011 22:48:34 +0200 Subject: dovecot-2.1: maildir++: If listing finds non-mUTF7/UTF8 mailbox ... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/4d49122ba42a changeset: 13691:4d49122ba42a user: Timo Sirainen date: Wed Nov 09 22:58:38 2011 +0200 description: maildir++: If listing finds non-mUTF7/UTF8 mailbox dir, rename it instead of assert-crashing later. diffstat: src/lib-storage/list/mailbox-list-maildir-iter.c | 25 ++++++++++++++++++++++++ 1 files changed, 25 insertions(+), 0 deletions(-) diffs (48 lines): diff -r eace12589314 -r 4d49122ba42a src/lib-storage/list/mailbox-list-maildir-iter.c --- a/src/lib-storage/list/mailbox-list-maildir-iter.c Wed Nov 09 18:33:59 2011 +0200 +++ b/src/lib-storage/list/mailbox-list-maildir-iter.c Wed Nov 09 22:58:38 2011 +0200 @@ -5,12 +5,15 @@ #include "str.h" #include "ioloop.h" #include "unlink-directory.h" +#include "unichar.h" #include "imap-match.h" +#include "imap-utf7.h" #include "mailbox-tree.h" #include "mailbox-list-delete.h" #include "mailbox-list-subscriptions.h" #include "mailbox-list-maildir.h" +#include #include #include @@ -285,6 +288,28 @@ return 0; vname = mailbox_list_get_vname(list, storage_name); + if (!uni_utf8_str_is_valid(vname)) { + /* the storage_name is completely invalid, rename it to + something more sensible. we could do this for all names that + aren't valid mUTF-7, but that might lead to accidents in + future when UTF-8 storage names are used */ + const char *src = t_strdup_printf("%s/%s", ctx->dir, fname); + string_t *destvname = t_str_new(128); + string_t *dest = t_str_new(128); + + (void)uni_utf8_get_valid_data((const void *)fname, + strlen(fname), destvname); + + str_append(dest, ctx->dir); + str_append_c(dest, '/'); + (void)imap_utf8_to_utf7(str_c(destvname), dest); + + if (rename(src, str_c(dest)) < 0 && errno != ENOENT) + i_error("rename(%s, %s) failed: %m", src, str_c(dest)); + /* just skip this in this iteration, we'll see it on the + next list */ + return 0; + } /* make sure the pattern matches */ match = imap_match(glob, vname); From dovecot at dovecot.org Mon Nov 14 23:26:31 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Mon, 14 Nov 2011 23:26:31 +0200 Subject: dovecot-2.1: stats: Forcibly free command after running for 15 m... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/1cda9fe6d7fa changeset: 13692:1cda9fe6d7fa user: Timo Sirainen date: Mon Nov 14 23:15:17 2011 +0200 description: stats: Forcibly free command after running for 15 minutes without updates. diffstat: src/stats/mail-command.c | 13 ++++++++++++- 1 files changed, 12 insertions(+), 1 deletions(-) diffs (37 lines): diff -r 4d49122ba42a -r 1cda9fe6d7fa src/stats/mail-command.c --- a/src/stats/mail-command.c Wed Nov 09 22:58:38 2011 +0200 +++ b/src/stats/mail-command.c Mon Nov 14 23:15:17 2011 +0200 @@ -9,6 +9,8 @@ #include "mail-session.h" #include "mail-command.h" +#define MAIL_COMMAND_TIMEOUT_SECS (60*15) + /* commands are sorted by their last_update timestamp, oldest first */ struct mail_command *stable_mail_commands_head; struct mail_command *stable_mail_commands_tail; @@ -154,6 +156,13 @@ return 0; } +static bool mail_command_is_timed_out(struct mail_command *cmd) +{ + /* some commands like IDLE can run forever */ + return ioloop_time - cmd->last_update.tv_sec > + MAIL_COMMAND_TIMEOUT_SECS; +} + void mail_commands_free_memory(void) { unsigned int diff; @@ -163,7 +172,9 @@ if (cmd->refcount == 0) i_assert(cmd->id == 0); - else if (cmd->refcount == 1 && cmd->session->disconnected) { + else if (cmd->refcount == 1 && + (cmd->session->disconnected || + mail_command_is_timed_out(cmd))) { /* session was probably lost */ mail_command_unref(&cmd); } else { From dovecot at dovecot.org Mon Nov 14 23:26:31 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Mon, 14 Nov 2011 23:26:31 +0200 Subject: dovecot-2.1: imap-stats: Don't send IDLE command updates to stat... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/a538eec53922 changeset: 13693:a538eec53922 user: Timo Sirainen date: Mon Nov 14 23:15:37 2011 +0200 description: imap-stats: Don't send IDLE command updates to stats service. diffstat: src/plugins/imap-stats/imap-stats-plugin.c | 6 ++++++ 1 files changed, 6 insertions(+), 0 deletions(-) diffs (16 lines): diff -r 1cda9fe6d7fa -r a538eec53922 src/plugins/imap-stats/imap-stats-plugin.c --- a/src/plugins/imap-stats/imap-stats-plugin.c Mon Nov 14 23:15:17 2011 +0200 +++ b/src/plugins/imap-stats/imap-stats-plugin.c Mon Nov 14 23:15:37 2011 +0200 @@ -33,6 +33,12 @@ if (suser == NULL || !suser->track_commands) return; + if (strcasecmp(cmd->name, "IDLE") == 0) { + /* IDLE can run forever and waste stats process's memory while + waiting for it to timeout. don't send them. */ + return; + } + scmd = IMAP_STATS_IMAP_CONTEXT(cmd); if (scmd == NULL) { scmd = p_new(cmd->pool, struct stats_client_command, 1); From dovecot at dovecot.org Tue Nov 15 00:06:06 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 15 Nov 2011 00:06:06 +0200 Subject: dovecot-2.1: maildir: When noticing invalid 'S' in filename, rep... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/466badb63c0b changeset: 13694:466badb63c0b user: Timo Sirainen date: Tue Nov 15 00:05:50 2011 +0200 description: maildir: When noticing invalid 'S' in filename, replace it with the correct one instead of removing it. diffstat: src/lib-storage/index/maildir/maildir-mail.c | 14 ++++++++++++-- 1 files changed, 12 insertions(+), 2 deletions(-) diffs (31 lines): diff -r a538eec53922 -r 466badb63c0b src/lib-storage/index/maildir/maildir-mail.c --- a/src/lib-storage/index/maildir/maildir-mail.c Mon Nov 14 23:15:37 2011 +0200 +++ b/src/lib-storage/index/maildir/maildir-mail.c Tue Nov 15 00:05:50 2011 +0200 @@ -617,6 +617,7 @@ const char *wrong_key_p) { const char *fname, *newpath, *extra, *info, *dir; + struct stat st; fname = strrchr(path, '/'); i_assert(fname != NULL); @@ -627,8 +628,17 @@ info = strchr(fname, MAILDIR_INFO_SEP); if (info == NULL) info = ""; - newpath = t_strdup_printf("%s/%s%s", dir, - t_strdup_until(fname, extra), info); + if (stat(path, &st) < 0) { + if (errno == ENOENT) + return 0; + mail_storage_set_critical(&mbox->storage->storage, + "stat(%s) failed: %m", path); + return -1; + } + + newpath = t_strdup_printf("%s/%s,S=%"PRIuUOFF_T"%s", dir, + t_strdup_until(fname, extra), + (uoff_t)st.st_size, info); if (rename(path, newpath) == 0) { mail_storage_set_critical(mbox->box.storage, From dovecot at dovecot.org Tue Nov 15 00:34:12 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 15 Nov 2011 00:34:12 +0200 Subject: dovecot-2.1: maildir: Added maildir_broken_filename_sizes setting. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/3c5d3d618c76 changeset: 13695:3c5d3d618c76 user: Timo Sirainen date: Tue Nov 15 00:34:00 2011 +0200 description: maildir: Added maildir_broken_filename_sizes setting. diffstat: doc/example-config/conf.d/10-mail.conf | 6 ++++++ src/lib-storage/index/maildir/maildir-mail.c | 11 ++++++----- src/lib-storage/index/maildir/maildir-settings.c | 4 +++- src/lib-storage/index/maildir/maildir-settings.h | 1 + 4 files changed, 16 insertions(+), 6 deletions(-) diffs (68 lines): diff -r 466badb63c0b -r 3c5d3d618c76 doc/example-config/conf.d/10-mail.conf --- a/doc/example-config/conf.d/10-mail.conf Tue Nov 15 00:05:50 2011 +0200 +++ b/doc/example-config/conf.d/10-mail.conf Tue Nov 15 00:34:00 2011 +0200 @@ -251,6 +251,12 @@ # when its mtime changes unexpectedly or when we can't find the mail otherwise. #maildir_very_dirty_syncs = no +# If enabled, Dovecot doesn't use the S= in the Maildir filenames for +# getting the mail's physical size, except when recalculating Maildir++ quota. +# This can be useful in systems where a lot of the Maildir filenames have a +# broken size. The performance hit for enabling this is very small. +#maildir_broken_filename_sizes = no + ## ## mbox-specific settings ## diff -r 466badb63c0b -r 3c5d3d618c76 src/lib-storage/index/maildir/maildir-mail.c --- a/src/lib-storage/index/maildir/maildir-mail.c Tue Nov 15 00:05:50 2011 +0200 +++ b/src/lib-storage/index/maildir/maildir-mail.c Tue Nov 15 00:34:00 2011 +0200 @@ -294,11 +294,12 @@ } /* size can be included in filename */ - if (maildir_filename_get_size(fname, - vsize ? MAILDIR_EXTRA_VIRTUAL_SIZE : - MAILDIR_EXTRA_FILE_SIZE, - size_r)) - return 1; + if (vsize || !mbox->storage->set->maildir_broken_filename_sizes) { + if (maildir_filename_get_size(fname, + vsize ? MAILDIR_EXTRA_VIRTUAL_SIZE : + MAILDIR_EXTRA_FILE_SIZE, size_r)) + return 1; + } /* size can be included in uidlist entry */ if (!_mail->saving) { diff -r 466badb63c0b -r 3c5d3d618c76 src/lib-storage/index/maildir/maildir-settings.c --- a/src/lib-storage/index/maildir/maildir-settings.c Tue Nov 15 00:05:50 2011 +0200 +++ b/src/lib-storage/index/maildir/maildir-settings.c Tue Nov 15 00:34:00 2011 +0200 @@ -14,13 +14,15 @@ static const struct setting_define maildir_setting_defines[] = { DEF(SET_BOOL, maildir_copy_with_hardlinks), DEF(SET_BOOL, maildir_very_dirty_syncs), + DEF(SET_BOOL, maildir_broken_filename_sizes), SETTING_DEFINE_LIST_END }; static const struct maildir_settings maildir_default_settings = { .maildir_copy_with_hardlinks = TRUE, - .maildir_very_dirty_syncs = FALSE + .maildir_very_dirty_syncs = FALSE, + .maildir_broken_filename_sizes = FALSE }; static const struct setting_parser_info maildir_setting_parser_info = { diff -r 466badb63c0b -r 3c5d3d618c76 src/lib-storage/index/maildir/maildir-settings.h --- a/src/lib-storage/index/maildir/maildir-settings.h Tue Nov 15 00:05:50 2011 +0200 +++ b/src/lib-storage/index/maildir/maildir-settings.h Tue Nov 15 00:34:00 2011 +0200 @@ -4,6 +4,7 @@ struct maildir_settings { bool maildir_copy_with_hardlinks; bool maildir_very_dirty_syncs; + bool maildir_broken_filename_sizes; }; const struct setting_parser_info *maildir_get_setting_parser_info(void); From dovecot at dovecot.org Tue Nov 15 17:40:36 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 15 Nov 2011 17:40:36 +0200 Subject: dovecot-2.1: stats: Freeing a user didn't remove it from hash ta... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/c8076e71c849 changeset: 13696:c8076e71c849 user: Timo Sirainen date: Tue Nov 15 17:40:13 2011 +0200 description: stats: Freeing a user didn't remove it from hash table, leading to crash later. diffstat: src/stats/mail-user.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (11 lines): diff -r 3c5d3d618c76 -r c8076e71c849 src/stats/mail-user.c --- a/src/stats/mail-user.c Tue Nov 15 00:34:00 2011 +0200 +++ b/src/stats/mail-user.c Tue Nov 15 17:40:13 2011 +0200 @@ -85,6 +85,7 @@ i_assert(user->sessions == NULL); global_memory_free(mail_user_memsize(user)); + hash_table_remove(mail_users_hash, user->name); DLLIST_REMOVE_FULL(&stable_mail_users, user, stable_prev, stable_next); DLLIST2_REMOVE_FULL(&mail_users_head, &mail_users_tail, user, From dovecot at dovecot.org Tue Nov 15 18:30:05 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 15 Nov 2011 18:30:05 +0200 Subject: dovecot-2.1: lib-storage: Added "auto" mail storage driver for f... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/ad0136b56d6e changeset: 13697:ad0136b56d6e user: Timo Sirainen date: Tue Nov 15 18:21:39 2011 +0200 description: lib-storage: Added "auto" mail storage driver for forcing autodetection. diffstat: src/lib-storage/mail-storage.c | 10 +++++++++- 1 files changed, 9 insertions(+), 1 deletions(-) diffs (20 lines): diff -r c8076e71c849 -r ad0136b56d6e src/lib-storage/mail-storage.c --- a/src/lib-storage/mail-storage.c Tue Nov 15 17:40:13 2011 +0200 +++ b/src/lib-storage/mail-storage.c Tue Nov 15 18:21:39 2011 +0200 @@ -132,7 +132,15 @@ struct mail_storage *storage_class = NULL; const char *home; - if (driver != NULL) { + if (driver == NULL) { + /* no mail_location, autodetect */ + } else if (strcmp(driver, "auto") == 0) { + /* explicit autodetection with "auto" driver. */ + if (*list_set->root_dir == '\0') { + /* handle the same as with driver=NULL */ + list_set->root_dir = NULL; + } + } else { storage_class = mail_storage_find_class(driver); if (storage_class == NULL) { *error_r = t_strdup_printf( From dovecot at dovecot.org Tue Nov 15 18:30:05 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 15 Nov 2011 18:30:05 +0200 Subject: dovecot-2.1: mdbox: Added support for autodetection of ~/mdbox/ ... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/bcb20d216edd changeset: 13698:bcb20d216edd user: Timo Sirainen date: Tue Nov 15 18:29:14 2011 +0200 description: mdbox: Added support for autodetection of ~/mdbox/ as mdbox storage. diffstat: src/lib-storage/index/dbox-multi/mdbox-storage.c | 57 +++++++++++++++++++++++- 1 files changed, 56 insertions(+), 1 deletions(-) diffs (74 lines): diff -r ad0136b56d6e -r bcb20d216edd src/lib-storage/index/dbox-multi/mdbox-storage.c --- a/src/lib-storage/index/dbox-multi/mdbox-storage.c Tue Nov 15 18:21:39 2011 +0200 +++ b/src/lib-storage/index/dbox-multi/mdbox-storage.c Tue Nov 15 18:29:14 2011 +0200 @@ -81,6 +81,61 @@ dbox_storage_destroy(_storage); } +static const char * +mdbox_storage_find_root_dir(const struct mail_namespace *ns) +{ + bool debug = ns->mail_set->mail_debug; + const char *home, *path; + + if (mail_user_get_home(ns->user, &home) > 0) { + path = t_strconcat(home, "/mdbox", NULL); + if (access(path, R_OK|W_OK|X_OK) == 0) { + if (debug) + i_debug("mdbox: root exists (%s)", path); + return path; + } + if (debug) + i_debug("mdbox: access(%s, rwx): failed: %m", path); + } + return NULL; +} + +static bool mdbox_storage_autodetect(const struct mail_namespace *ns, + struct mailbox_list_settings *set) +{ + bool debug = ns->mail_set->mail_debug; + struct stat st; + const char *path, *root_dir; + + if (set->root_dir != NULL) + root_dir = set->root_dir; + else { + root_dir = mdbox_storage_find_root_dir(ns); + if (root_dir == NULL) { + if (debug) + i_debug("mdbox: couldn't find root dir"); + return FALSE; + } + } + + path = t_strconcat(root_dir, "/"MDBOX_GLOBAL_DIR_NAME, NULL); + if (stat(path, &st) < 0) { + if (debug) + i_debug("mdbox autodetect: stat(%s) failed: %m", path); + return FALSE; + } + + if (!S_ISDIR(st.st_mode)) { + if (debug) + i_debug("mdbox autodetect: %s not a directory", path); + return FALSE; + } + + set->root_dir = root_dir; + dbox_storage_get_list_settings(ns, set); + return TRUE; +} + static struct mailbox * mdbox_mailbox_alloc(struct mail_storage *storage, struct mailbox_list *list, const char *vname, enum mailbox_flags flags) @@ -362,7 +417,7 @@ mdbox_storage_destroy, NULL, dbox_storage_get_list_settings, - NULL, + mdbox_storage_autodetect, mdbox_mailbox_alloc, mdbox_purge } From dovecot at dovecot.org Tue Nov 15 18:30:05 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 15 Nov 2011 18:30:05 +0200 Subject: dovecot-2.1: configure: Don't reorder --with-storages values. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/500bf1444ad6 changeset: 13699:500bf1444ad6 user: Timo Sirainen date: Tue Nov 15 18:29:52 2011 +0200 description: configure: Don't reorder --with-storages values. The ordering is used for storage autodetection. diffstat: configure.in | 13 ++++++++----- 1 files changed, 8 insertions(+), 5 deletions(-) diffs (35 lines): diff -r bcb20d216edd -r 500bf1444ad6 configure.in --- a/configure.in Tue Nov 15 18:29:14 2011 +0200 +++ b/configure.in Tue Nov 15 18:29:52 2011 +0200 @@ -241,13 +241,19 @@ want_gc=no) AC_ARG_WITH(storages, -AS_HELP_STRING([--with-storages], [Build with specified mail storage formats (maildir mbox sdbox mdbox cydir)]), [ +AS_HELP_STRING([--with-storages], [Build with specified mail storage formats (mdbox sdbox maildir mbox cydir imapc)]), [ if test "$withval" = "yes" || test "$withval" = "no"; then AC_MSG_ERROR([--with-storages needs storage list as parameter]) fi mail_storages="shared `echo "$withval"|sed 's/,/ /g'`" ], - mail_storages="shared maildir mbox sdbox mdbox cydir imapc") + mail_storages="shared mdbox sdbox maildir mbox cydir imapc") AC_SUBST(mail_storages) +mail_storages="$mail_storages raw" +# drop duplicates +duplicates=`(for i in $mail_storages; do echo $i; done)|sort|uniq -d|xargs echo` +if test "$duplicates" != ""; then + AC_ERROR([Duplicate --with-storages: $duplicates]) +fi DC_DOVECOT_MODULEDIR @@ -2443,9 +2449,6 @@ STORAGE_LIB='$(top_builddir)/src/lib-storage/libdovecot-storage.la' LINKED_STORAGE_LIBS= -mail_storages="$mail_storages raw" -# drop duplicates -mail_storages=`(for i in $mail_storages; do echo $i; done)|sort|uniq|xargs echo` mailbox_list_drivers="maildir imapdir none fs shared" have_sdbox=no From dovecot at dovecot.org Tue Nov 15 18:35:16 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 15 Nov 2011 18:35:16 +0200 Subject: dovecot-2.0: lib-storage: Added "auto" mail storage driver for f... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/bef7acd675f3 changeset: 12961:bef7acd675f3 user: Timo Sirainen date: Tue Nov 15 18:21:39 2011 +0200 description: lib-storage: Added "auto" mail storage driver for forcing autodetection. diffstat: src/lib-storage/mail-storage.c | 10 +++++++++- 1 files changed, 9 insertions(+), 1 deletions(-) diffs (20 lines): diff -r 37c044235948 -r bef7acd675f3 src/lib-storage/mail-storage.c --- a/src/lib-storage/mail-storage.c Wed Nov 09 18:14:04 2011 +0200 +++ b/src/lib-storage/mail-storage.c Tue Nov 15 18:21:39 2011 +0200 @@ -130,7 +130,15 @@ struct mail_storage *storage_class = NULL; const char *home; - if (driver != NULL) { + if (driver == NULL) { + /* no mail_location, autodetect */ + } else if (strcmp(driver, "auto") == 0) { + /* explicit autodetection with "auto" driver. */ + if (*list_set->root_dir == '\0') { + /* handle the same as with driver=NULL */ + list_set->root_dir = NULL; + } + } else { storage_class = mail_storage_find_class(driver); if (storage_class == NULL) { *error_r = t_strdup_printf( From dovecot at dovecot.org Tue Nov 15 18:35:16 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 15 Nov 2011 18:35:16 +0200 Subject: dovecot-2.0: mdbox: Added support for autodetection of ~/mdbox/ ... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/ddbf1bf524cc changeset: 12962:ddbf1bf524cc user: Timo Sirainen date: Tue Nov 15 18:31:34 2011 +0200 description: mdbox: Added support for autodetection of ~/mdbox/ as mdbox storage. diffstat: src/lib-storage/index/dbox-multi/mdbox-storage.c | 57 +++++++++++++++++++++++- 1 files changed, 56 insertions(+), 1 deletions(-) diffs (74 lines): diff -r bef7acd675f3 -r ddbf1bf524cc src/lib-storage/index/dbox-multi/mdbox-storage.c --- a/src/lib-storage/index/dbox-multi/mdbox-storage.c Tue Nov 15 18:21:39 2011 +0200 +++ b/src/lib-storage/index/dbox-multi/mdbox-storage.c Tue Nov 15 18:31:34 2011 +0200 @@ -81,6 +81,61 @@ dbox_storage_destroy(_storage); } +static const char * +mdbox_storage_find_root_dir(const struct mail_namespace *ns) +{ + bool debug = ns->mail_set->mail_debug; + const char *home, *path; + + if (mail_user_get_home(ns->user, &home) > 0) { + path = t_strconcat(home, "/mdbox", NULL); + if (access(path, R_OK|W_OK|X_OK) == 0) { + if (debug) + i_debug("mdbox: root exists (%s)", path); + return path; + } + if (debug) + i_debug("mdbox: access(%s, rwx): failed: %m", path); + } + return NULL; +} + +static bool mdbox_storage_autodetect(const struct mail_namespace *ns, + struct mailbox_list_settings *set) +{ + bool debug = ns->mail_set->mail_debug; + struct stat st; + const char *path, *root_dir; + + if (set->root_dir != NULL) + root_dir = set->root_dir; + else { + root_dir = mdbox_storage_find_root_dir(ns); + if (root_dir == NULL) { + if (debug) + i_debug("mdbox: couldn't find root dir"); + return FALSE; + } + } + + path = t_strconcat(root_dir, "/"MDBOX_GLOBAL_DIR_NAME, NULL); + if (stat(path, &st) < 0) { + if (debug) + i_debug("mdbox autodetect: stat(%s) failed: %m", path); + return FALSE; + } + + if (!S_ISDIR(st.st_mode)) { + if (debug) + i_debug("mdbox autodetect: %s not a directory", path); + return FALSE; + } + + set->root_dir = root_dir; + dbox_storage_get_list_settings(ns, set); + return TRUE; +} + struct mailbox * mdbox_mailbox_alloc(struct mail_storage *storage, struct mailbox_list *list, const char *name, enum mailbox_flags flags) @@ -386,7 +441,7 @@ mdbox_storage_destroy, NULL, dbox_storage_get_list_settings, - NULL, + mdbox_storage_autodetect, mdbox_mailbox_alloc, mdbox_purge } From dovecot at dovecot.org Tue Nov 15 18:35:16 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 15 Nov 2011 18:35:16 +0200 Subject: dovecot-2.0: configure: Don't reorder --with-storages values. Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/6dab5db6fba6 changeset: 12963:6dab5db6fba6 user: Timo Sirainen date: Tue Nov 15 18:35:07 2011 +0200 description: configure: Don't reorder --with-storages values. The ordering is used for storage autodetection. diffstat: configure.in | 13 ++++++++----- 1 files changed, 8 insertions(+), 5 deletions(-) diffs (35 lines): diff -r ddbf1bf524cc -r 6dab5db6fba6 configure.in --- a/configure.in Tue Nov 15 18:31:34 2011 +0200 +++ b/configure.in Tue Nov 15 18:35:07 2011 +0200 @@ -239,13 +239,19 @@ want_gc=no) AC_ARG_WITH(storages, -AS_HELP_STRING([--with-storages], [Build with specified mail storage formats (maildir mbox sdbox mdbox cydir)]), [ +AS_HELP_STRING([--with-storages], [Build with specified mail storage formats (mdbox sdbox maildir mbox cydir)]), [ if test "$withval" = "yes" || test "$withval" = "no"; then AC_MSG_ERROR([--with-storages needs storage list as parameter]) fi mail_storages="shared `echo "$withval"|sed 's/,/ /g'`" ], - mail_storages="shared maildir mbox sdbox mdbox cydir") + mail_storages="shared mdbox sdbox maildir mbox cydir") AC_SUBST(mail_storages) +mail_storages="$mail_storages raw" +# drop duplicates +duplicates=`(for i in $mail_storages; do echo $i; done)|sort|uniq -d|xargs echo` +if test "$duplicates" != ""; then + AC_ERROR([Duplicate --with-storages: $duplicates]) +fi DC_DOVECOT_MODULEDIR @@ -2436,9 +2442,6 @@ STORAGE_LIB='$(top_builddir)/src/lib-storage/libdovecot-storage.la' LINKED_STORAGE_LIBS= -mail_storages="$mail_storages raw" -# drop duplicates -mail_storages=`(for i in $mail_storages; do echo $i; done)|sort|uniq|xargs echo` have_sdbox=no for storage in $mail_storages; do LINKED_STORAGE_LIBS="$LINKED_STORAGE_LIBS `eval echo \\$${storage}_libs`" From dovecot at dovecot.org Tue Nov 15 20:59:05 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 15 Nov 2011 20:59:05 +0200 Subject: dovecot-2.1: master: Don't throttle successfully started service... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/3dc1806bd27e changeset: 13701:3dc1806bd27e user: Timo Sirainen date: Tue Nov 15 20:58:48 2011 +0200 description: master: Don't throttle successfully started services just because their processes didn't have clients. diffstat: src/master/service-monitor.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diffs (12 lines): diff -r 6b9f7cb07c8f -r 3dc1806bd27e src/master/service-monitor.c --- a/src/master/service-monitor.c Tue Nov 15 20:56:59 2011 +0200 +++ b/src/master/service-monitor.c Tue Nov 15 20:58:48 2011 +0200 @@ -523,7 +523,7 @@ bool throttle; service_process_log_status_error(process, status); - throttle = process->total_count == 0; + throttle = process->to_status != NULL; service_process_notify_add(service_anvil_global->kills, process); return throttle; } From dovecot at dovecot.org Tue Nov 15 20:59:05 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 15 Nov 2011 20:59:05 +0200 Subject: dovecot-2.1: stats: If process has crashed/restarted, hide initi... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/6b9f7cb07c8f changeset: 13700:6b9f7cb07c8f user: Timo Sirainen date: Tue Nov 15 20:56:59 2011 +0200 description: stats: If process has crashed/restarted, hide initial "missing session GUID" warnings. diffstat: src/stats/mail-session.c | 29 +++++++++++++++++++++++++++-- 1 files changed, 27 insertions(+), 2 deletions(-) diffs (64 lines): diff -r 500bf1444ad6 -r 6b9f7cb07c8f src/stats/mail-session.c --- a/src/stats/mail-session.c Tue Nov 15 18:29:52 2011 +0200 +++ b/src/stats/mail-session.c Tue Nov 15 20:56:59 2011 +0200 @@ -16,10 +16,19 @@ session. Must be larger than SESSION_STATS_FORCE_REFRESH_SECS in stats plugin */ #define MAIL_SESSION_IDLE_TIMEOUT_MSECS (1000*60*15) +/* If stats process crashes/restarts, existing processes keep sending status + updates to it, but this process doesn't know their GUIDs. If these missing + GUIDs are found within this many seconds of starting the stats process, + don't log a warning about them. (On a larger installation this avoids + flooding the error log with hundreds of warnings.) */ +#define SESSION_GUID_WARN_HIDE_SECS (60*5) static struct hash_table *mail_sessions_hash; /* sessions are sorted by their last_update timestamp, oldest first */ static struct mail_session *mail_sessions_head, *mail_sessions_tail; +static time_t session_guid_warn_hide_until; +static bool session_guid_hide_warned = FALSE; + struct mail_session *stable_mail_sessions; static size_t mail_session_memsize(const struct mail_session *session) @@ -145,6 +154,21 @@ i_free(session); } +static void mail_session_guid_lost(guid_128_t session_guid) +{ + if (ioloop_time < session_guid_warn_hide_until) { + if (session_guid_hide_warned) + return; + session_guid_hide_warned = TRUE; + i_warning("stats process appears to have crashed/restarted, " + "hiding missing session GUID warnings for %d seconds", + (int)(session_guid_warn_hide_until - ioloop_time)); + return; + } + i_warning("Couldn't find session GUID: %s", + guid_128_to_string(session_guid)); +} + int mail_session_lookup(const char *guid, struct mail_session **session_r, const char **error_r) { @@ -160,8 +184,7 @@ } *session_r = hash_table_lookup(mail_sessions_hash, session_guid); if (*session_r == NULL) { - i_warning("Couldn't find session GUID: %s", - guid_128_to_string(session_guid)); + mail_session_guid_lost(session_guid); return 0; } return 1; @@ -264,6 +287,8 @@ void mail_sessions_init(void) { + session_guid_warn_hide_until = + ioloop_time + SESSION_GUID_WARN_HIDE_SECS; mail_sessions_hash = hash_table_create(default_pool, default_pool, 0, guid_128_hash, guid_128_cmp); From dovecot at dovecot.org Tue Nov 15 22:24:27 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 15 Nov 2011 22:24:27 +0200 Subject: dovecot-2.0: man: Updated doveadm-search-query.7 to include MAIL... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/b9409428b470 changeset: 12964:b9409428b470 user: Timo Sirainen date: Tue Nov 15 22:24:18 2011 +0200 description: man: Updated doveadm-search-query.7 to include MAILBOX[-GUID] as search keys. diffstat: doc/man/doveadm-search-query.7 | 10 ++++++++++ 1 files changed, 10 insertions(+), 0 deletions(-) diffs (20 lines): diff -r 6dab5db6fba6 -r b9409428b470 doc/man/doveadm-search-query.7 --- a/doc/man/doveadm-search-query.7 Tue Nov 15 18:35:07 2011 +0200 +++ b/doc/man/doveadm-search-query.7 Tue Nov 15 22:24:18 2011 +0200 @@ -164,6 +164,16 @@ .IR size . .\"----------------- .TP +.BI MAILBOX\ name +Matches messages in the mailbox with the specified +.IR name . +.\"----------------- +.TP +.BI MAILBOX-GUID\ guid +Matches messages in the mailbox with the specified +.IR guid . +.\"----------------- +.TP .B NEW Matches messages, which have the IMAP flag \(rsRecent set .B but not From dovecot at dovecot.org Tue Nov 15 22:24:42 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 15 Nov 2011 22:24:42 +0200 Subject: dovecot-2.1: man: Updated doveadm-search-query.7 to include MAIL... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/857d4c45588f changeset: 13702:857d4c45588f user: Timo Sirainen date: Tue Nov 15 22:24:18 2011 +0200 description: man: Updated doveadm-search-query.7 to include MAILBOX[-GUID] as search keys. diffstat: doc/man/doveadm-search-query.7 | 10 ++++++++++ 1 files changed, 10 insertions(+), 0 deletions(-) diffs (20 lines): diff -r 3dc1806bd27e -r 857d4c45588f doc/man/doveadm-search-query.7 --- a/doc/man/doveadm-search-query.7 Tue Nov 15 20:58:48 2011 +0200 +++ b/doc/man/doveadm-search-query.7 Tue Nov 15 22:24:18 2011 +0200 @@ -164,6 +164,16 @@ .IR size . .\"----------------- .TP +.BI MAILBOX\ name +Matches messages in the mailbox with the specified +.IR name . +.\"----------------- +.TP +.BI MAILBOX-GUID\ guid +Matches messages in the mailbox with the specified +.IR guid . +.\"----------------- +.TP .B NEW Matches messages, which have the IMAP flag \(rsRecent set .B but not From dovecot at dovecot.org Wed Nov 16 00:28:49 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 00:28:49 +0200 Subject: dovecot-2.0: man: Fixes to previous doveadm-search-query.7 change. Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/071bb6a1b250 changeset: 12965:071bb6a1b250 user: Timo Sirainen date: Wed Nov 16 00:28:32 2011 +0200 description: man: Fixes to previous doveadm-search-query.7 change. diffstat: doc/man/doveadm-search-query.7 | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diffs (19 lines): diff -r b9409428b470 -r 071bb6a1b250 doc/man/doveadm-search-query.7 --- a/doc/man/doveadm-search-query.7 Tue Nov 15 22:24:18 2011 +0200 +++ b/doc/man/doveadm-search-query.7 Wed Nov 16 00:28:32 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM\-SEARCH\-QUERY 7 "2010-06-24" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-SEARCH\-QUERY 7 "2011-11-16" "Dovecot v2.0" "Dovecot" .SH NAME doveadm\-search\-query \- Overview of search queries for doveadm mailbox \ commands @@ -169,7 +169,7 @@ .IR name . .\"----------------- .TP -.BI MAILBOX-GUID\ guid +.BI MAILBOX\-GUID\ guid Matches messages in the mailbox with the specified .IR guid . .\"----------------- From dovecot at dovecot.org Wed Nov 16 00:29:02 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 00:29:02 +0200 Subject: dovecot-2.1: man: Fixes to previous doveadm-search-query.7 change. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/5fefb7f1e6c4 changeset: 13703:5fefb7f1e6c4 user: Timo Sirainen date: Wed Nov 16 00:28:32 2011 +0200 description: man: Fixes to previous doveadm-search-query.7 change. diffstat: doc/man/doveadm-search-query.7 | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diffs (19 lines): diff -r 857d4c45588f -r 5fefb7f1e6c4 doc/man/doveadm-search-query.7 --- a/doc/man/doveadm-search-query.7 Tue Nov 15 22:24:18 2011 +0200 +++ b/doc/man/doveadm-search-query.7 Wed Nov 16 00:28:32 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM\-SEARCH\-QUERY 7 "2010-06-24" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-SEARCH\-QUERY 7 "2011-11-16" "Dovecot v2.0" "Dovecot" .SH NAME doveadm\-search\-query \- Overview of search queries for doveadm mailbox \ commands @@ -169,7 +169,7 @@ .IR name . .\"----------------- .TP -.BI MAILBOX-GUID\ guid +.BI MAILBOX\-GUID\ guid Matches messages in the mailbox with the specified .IR guid . .\"----------------- From dovecot at dovecot.org Wed Nov 16 18:16:00 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 18:16:00 +0200 Subject: dovecot-2.1: login: Improved auth failed log messages. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/346c022df7af changeset: 13704:346c022df7af user: Timo Sirainen date: Wed Nov 16 18:15:46 2011 +0200 description: login: Improved auth failed log messages. diffstat: src/login-common/client-common.c | 23 +++++++++++++++++------ src/login-common/client-common.h | 1 + src/login-common/sasl-server.c | 3 +++ 3 files changed, 21 insertions(+), 6 deletions(-) diffs (85 lines): diff -r 5fefb7f1e6c4 -r 346c022df7af src/login-common/client-common.c --- a/src/login-common/client-common.c Wed Nov 16 00:28:32 2011 +0200 +++ b/src/login-common/client-common.c Wed Nov 16 18:15:46 2011 +0200 @@ -504,6 +504,9 @@ const char *client_get_extra_disconnect_reason(struct client *client) { + unsigned int auth_secs = client->auth_first_started == 0 ? 0 : + ioloop_time - client->auth_first_started; + if (client->set->auth_ssl_require_client_cert && client->ssl_proxy != NULL) { if (ssl_proxy_has_broken_client_cert(client->ssl_proxy)) @@ -512,8 +515,10 @@ return "(client didn't send a cert)"; } - if (client->auth_attempts == 0) - return "(no auth attempts)"; + if (client->auth_attempts == 0) { + return t_strdup_printf("(no auth attempts in %u secs)", + (unsigned int)(ioloop_time - client->created)); + } /* some auth attempts without SSL/TLS */ if (client->auth_tried_disabled_plaintext) @@ -523,8 +528,14 @@ return "(cert required, client didn't start TLS)"; if (client->auth_tried_unsupported_mech) return "(tried to use unsupported auth mechanism)"; - if (client->auth_request != NULL && client->auth_attempts == 1) - return "(disconnected while authenticating)"; + if (client->auth_request != NULL && client->auth_attempts == 1) { + return t_strdup_printf("(disconnected while authenticating, " + "waited %u secs)", auth_secs); + } + if (client->authenticating && client->auth_attempts == 1) { + return t_strdup_printf("(disconnected while finishing login, " + "waited %u secs)", auth_secs); + } if (client->auth_try_aborted && client->auth_attempts == 1) return "(aborted authentication)"; @@ -532,8 +543,8 @@ return t_strdup_printf("(internal failure, %u succesful auths)", client->auth_successes); } - return t_strdup_printf("(auth failed, %u attempts)", - client->auth_attempts); + return t_strdup_printf("(auth failed, %u attempts in %u secs)", + client->auth_attempts, auth_secs); } void client_send_line(struct client *client, enum client_cmd_reply reply, diff -r 5fefb7f1e6c4 -r 346c022df7af src/login-common/client-common.h --- a/src/login-common/client-common.h Wed Nov 16 00:28:32 2011 +0200 +++ b/src/login-common/client-common.h Wed Nov 16 18:15:46 2011 +0200 @@ -100,6 +100,7 @@ char *auth_mech_name; struct auth_client_request *auth_request; string_t *auth_response; + time_t auth_first_started; unsigned int master_auth_id; unsigned int master_tag; diff -r 5fefb7f1e6c4 -r 346c022df7af src/login-common/sasl-server.c --- a/src/login-common/sasl-server.c Wed Nov 16 00:28:32 2011 +0200 +++ b/src/login-common/sasl-server.c Wed Nov 16 18:15:46 2011 +0200 @@ -4,6 +4,7 @@ #include "base64.h" #include "buffer.h" #include "hex-binary.h" +#include "ioloop.h" #include "istream.h" #include "write-full.h" #include "strescape.h" @@ -277,6 +278,8 @@ client->auth_attempts++; client->authenticating = TRUE; + if (client->auth_first_started == 0) + client->auth_first_started = ioloop_time; i_free(client->auth_mech_name); client->auth_mech_name = str_ucase(i_strdup(mech_name)); client->sasl_callback = callback; From dovecot at dovecot.org Wed Nov 16 19:04:44 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 19:04:44 +0200 Subject: dovecot-2.1: master: Don't log errors at shutdown about services... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/ba5d4c918842 changeset: 13705:ba5d4c918842 user: Timo Sirainen date: Wed Nov 16 19:04:31 2011 +0200 description: master: Don't log errors at shutdown about services' "command startup failed". diffstat: src/master/service-monitor.c | 6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) diffs (23 lines): diff -r 346c022df7af -r ba5d4c918842 src/master/service-monitor.c --- a/src/master/service-monitor.c Wed Nov 16 18:15:46 2011 +0200 +++ b/src/master/service-monitor.c Wed Nov 16 19:04:31 2011 +0200 @@ -289,7 +289,8 @@ { unsigned int i, count; - if (service->process_avail >= service->set->process_min_avail) + if (service->process_avail >= service->set->process_min_avail || + service->list->destroying) return; count = service->set->process_min_avail - service->process_avail; @@ -567,8 +568,7 @@ service_monitor_throttle(service); service_stopped = service->status_fd[0] == -1; if (!service_stopped) { - if (!service->list->destroying) - service_monitor_start_extra_avail(service); + service_monitor_start_extra_avail(service); if (service->to_throttle == NULL) service_monitor_listen_start(service); } From dovecot at dovecot.org Wed Nov 16 19:06:41 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 19:06:41 +0200 Subject: dovecot-2.0: config: Skip spaces between '<' and value in "key=<... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/6198fe13342c changeset: 12966:6198fe13342c user: Timo Sirainen date: Wed Nov 16 19:06:20 2011 +0200 description: config: Skip spaces between '<' and value in "key=< value" diffstat: src/config/config-parser.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (11 lines): diff -r 071bb6a1b250 -r 6198fe13342c src/config/config-parser.c --- a/src/config/config-parser.c Wed Nov 16 00:28:32 2011 +0200 +++ b/src/config/config-parser.c Wed Nov 16 19:06:20 2011 +0200 @@ -612,6 +612,7 @@ while (IS_WHITE(*line)) line++; if (*line == '<') { + while (IS_WHITE(line[1])) line++; *value_r = line + 1; return CONFIG_LINE_TYPE_KEYFILE; } From dovecot at dovecot.org Wed Nov 16 19:07:10 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 19:07:10 +0200 Subject: dovecot-2.1: config: Skip spaces between '<' and value in "key=<... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/3368f9b3c8df changeset: 13706:3368f9b3c8df user: Timo Sirainen date: Wed Nov 16 19:06:20 2011 +0200 description: config: Skip spaces between '<' and value in "key=< value" diffstat: src/config/config-parser.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (11 lines): diff -r ba5d4c918842 -r 3368f9b3c8df src/config/config-parser.c --- a/src/config/config-parser.c Wed Nov 16 19:04:31 2011 +0200 +++ b/src/config/config-parser.c Wed Nov 16 19:06:20 2011 +0200 @@ -612,6 +612,7 @@ while (IS_WHITE(*line)) line++; if (*line == '<') { + while (IS_WHITE(line[1])) line++; *value_r = line + 1; return CONFIG_LINE_TYPE_KEYFILE; } From dovecot at dovecot.org Wed Nov 16 19:15:40 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 19:15:40 +0200 Subject: dovecot-2.1: man: Dovecot version numbers updated. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/a695e124e62f changeset: 13707:a695e124e62f user: Timo Sirainen date: Wed Nov 16 19:14:43 2011 +0200 description: man: Dovecot version numbers updated. diffstat: doc/man/doveadm-altmove.1.in | 2 +- doc/man/doveadm-auth.1.in | 2 +- doc/man/doveadm-director.1.in | 2 +- doc/man/doveadm-dump.1.in | 2 +- doc/man/doveadm-expunge.1.in | 2 +- doc/man/doveadm-fetch.1.in | 2 +- doc/man/doveadm-force-resync.1.in | 2 +- doc/man/doveadm-help.1.in | 2 +- doc/man/doveadm-import.1.in | 2 +- doc/man/doveadm-index.1.in | 2 +- doc/man/doveadm-kick.1.in | 2 +- doc/man/doveadm-log.1.in | 2 +- doc/man/doveadm-mailbox.1.in | 2 +- doc/man/doveadm-move.1.in | 2 +- doc/man/doveadm-penalty.1.in | 2 +- doc/man/doveadm-purge.1.in | 2 +- doc/man/doveadm-pw.1.in | 2 +- doc/man/doveadm-quota.1.in | 2 +- doc/man/doveadm-search-query.7 | 2 +- doc/man/doveadm-search.1.in | 2 +- doc/man/doveadm-user.1.in | 2 +- doc/man/doveadm-who.1.in | 2 +- doc/man/doveadm.1.in | 2 +- doc/man/doveconf.1.in | 4 ++-- doc/man/dovecot-lda.1.in | 2 +- doc/man/dovecot.1.in | 2 +- doc/man/dsync.1.in | 2 +- 27 files changed, 28 insertions(+), 28 deletions(-) diffs (279 lines): diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm-altmove.1.in --- a/doc/man/doveadm-altmove.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm-altmove.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010-2011 Dovecot authors, see the included COPYING file -.TH DOVEADM\-ALTMOVE 1 "2011-09-15" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-ALTMOVE 1 "2011-09-15" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-altmove \- Move matching mails to the alternative storage (dbox\-only) .\"------------------------------------------------------------------------ diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm-auth.1.in --- a/doc/man/doveadm-auth.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm-auth.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM\-AUTH 1 "2010-06-09" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-AUTH 1 "2010-06-09" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-auth \- Test authentication for a user .\"------------------------------------------------------------------------ diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm-director.1.in --- a/doc/man/doveadm-director.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm-director.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM\-DIRECTOR 1 "2011-05-11" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-DIRECTOR 1 "2011-05-11" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-director \- Manage Dovecot directors .\"------------------------------------------------------------------------ diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm-dump.1.in --- a/doc/man/doveadm-dump.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm-dump.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM\-DUMP 1 "2010-06-22" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-DUMP 1 "2010-06-22" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-dump \- Dump the content of Dovecot\(aqs binary mailbox index/log .\"------------------------------------------------------------------------ diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm-expunge.1.in --- a/doc/man/doveadm-expunge.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm-expunge.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM\-EXPUNGE 1 "2010-11-25" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-EXPUNGE 1 "2010-11-25" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-expunge \- Expunge messages matching given search query .\"------------------------------------------------------------------------ diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm-fetch.1.in --- a/doc/man/doveadm-fetch.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm-fetch.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM\-FETCH 1 "2010-11-25" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-FETCH 1 "2010-11-25" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-fetch \- Fetch partial/full messages or message information .\"------------------------------------------------------------------------ diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm-force-resync.1.in --- a/doc/man/doveadm-force-resync.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm-force-resync.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM\-FORCE\-RESYNC 1 "2010-11-25" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-FORCE\-RESYNC 1 "2010-11-25" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-force\-resync \- Repair broken mailboxes .\"------------------------------------------------------------------------ diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm-help.1.in --- a/doc/man/doveadm-help.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm-help.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM\-HELP 1 "2010-06-22" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-HELP 1 "2010-06-22" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-help \- Show information about doveadm commands .\"------------------------------------------------------------------------ diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm-import.1.in --- a/doc/man/doveadm-import.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm-import.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM\-IMPORT 1 "2010-11-26" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-IMPORT 1 "2010-11-26" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-import \- Import messages matching given search query .\"------------------------------------------------------------------------ diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm-index.1.in --- a/doc/man/doveadm-index.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm-index.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010-2011 Dovecot authors, see the included COPYING file -.TH DOVEADM\-INDEX 1 "2011-05-11" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-INDEX 1 "2011-05-11" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-index \- Index mailboxes .\"------------------------------------------------------------------------ diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm-kick.1.in --- a/doc/man/doveadm-kick.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm-kick.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM\-KICK 1 "2010-06-12" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-KICK 1 "2010-06-12" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-kick \- Disconnect users by user name and/or IP address .\"------------------------------------------------------------------------ diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm-log.1.in --- a/doc/man/doveadm-log.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm-log.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM\-LOG 1 "2010-06-13" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-LOG 1 "2010-06-13" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-log \- Locate, test or reopen Dovecot\(aqs log files .\"------------------------------------------------------------------------ diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm-mailbox.1.in --- a/doc/man/doveadm-mailbox.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm-mailbox.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM\-MAILBOX 1 "2010-11-25" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-MAILBOX 1 "2010-11-25" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-mailbox \- Commands related to handling mailboxes .\"------------------------------------------------------------------------ diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm-move.1.in --- a/doc/man/doveadm-move.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm-move.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2011 Dovecot authors, see the included COPYING file -.TH DOVEADM\-MOVE 1 "2011-09-25" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-MOVE 1 "2011-09-25" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-move \- Move messages matching the given search query into another mailbox diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm-penalty.1.in --- a/doc/man/doveadm-penalty.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm-penalty.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM\-PENALTY 1 "2010-07-12" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-PENALTY 1 "2010-07-12" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-penalty \- Show current penalties .\"------------------------------------------------------------------------ diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm-purge.1.in --- a/doc/man/doveadm-purge.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm-purge.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM\-PURGE 1 "2010-11-25" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-PURGE 1 "2010-11-25" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-purge \- Remove messages with refcount=0 from mdbox files .\"------------------------------------------------------------------------ diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm-pw.1.in --- a/doc/man/doveadm-pw.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm-pw.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM\-PW 1 "2010-06-22" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-PW 1 "2010-06-22" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-pw \- Dovecot\(aqs password hash generator .\"------------------------------------------------------------------------ diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm-quota.1.in --- a/doc/man/doveadm-quota.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm-quota.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010-2011 Dovecot authors, see the included COPYING file -.TH DOVEADM\-QUOTA 1 "2011-02-17" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-QUOTA 1 "2011-02-17" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-quota \- Initialize/recalculate or show current quota usage .\"------------------------------------------------------------------------ diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm-search-query.7 --- a/doc/man/doveadm-search-query.7 Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm-search-query.7 Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM\-SEARCH\-QUERY 7 "2011-11-16" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-SEARCH\-QUERY 7 "2011-11-16" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-search\-query \- Overview of search queries for doveadm mailbox \ commands diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm-search.1.in --- a/doc/man/doveadm-search.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm-search.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM\-SEARCH 1 "2010-11-25" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-SEARCH 1 "2010-11-25" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-search \- Show a list of mailbox GUIDs and message UIDs matching \ given search query. diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm-user.1.in --- a/doc/man/doveadm-user.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm-user.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010-2011 Dovecot authors, see the included COPYING file -.TH DOVEADM\-USER 1 "2011-11-04" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-USER 1 "2011-11-04" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-user \- Perform a user lookup in Dovecot\(aqs userdbs .\"------------------------------------------------------------------------ diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm-who.1.in --- a/doc/man/doveadm-who.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm-who.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM\-WHO 1 "2010-07-12" "Dovecot v2.0" "Dovecot" +.TH DOVEADM\-WHO 1 "2010-07-12" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-who \- Show who is logged in to the Dovecot server .\"------------------------------------------------------------------------ diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveadm.1.in --- a/doc/man/doveadm.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveadm.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM 1 "2011-05-11" "Dovecot v2.0" "Dovecot" +.TH DOVEADM 1 "2011-05-11" "Dovecot v2.1" "Dovecot" .SH NAME doveadm \- Dovecot\(aqs administration utility .\"------------------------------------------------------------------------ diff -r 3368f9b3c8df -r a695e124e62f doc/man/doveconf.1.in --- a/doc/man/doveconf.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/doveconf.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVECONF 1 "2011-05-11" "Dovecot v2.0" "Dovecot" +.TH DOVECONF 1 "2011-05-11" "Dovecot v2.1" "Dovecot" .SH NAME doveconf \- Dovecot\(aqs configuration dumping utility .\"------------------------------------------------------------------------ @@ -141,7 +141,7 @@ .fi .PP .B doveconf -can be also used to convert v1.x configuration files into v2.0 format. +can be also used to convert v1.x configuration files into v2.x format. .sp .nf .B doveconf \-n \-c /oldpath/dovecot.conf > \ diff -r 3368f9b3c8df -r a695e124e62f doc/man/dovecot-lda.1.in --- a/doc/man/dovecot-lda.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/dovecot-lda.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVECOT\-LDA 1 "2011-01-16" "Dovecot v2.0" "Dovecot" +.TH DOVECOT\-LDA 1 "2011-01-16" "Dovecot v2.1" "Dovecot" .SH NAME dovecot\-lda \- Dovecot\(aqs local mail delivery agent .\"------------------------------------------------------------------------ diff -r 3368f9b3c8df -r a695e124e62f doc/man/dovecot.1.in --- a/doc/man/dovecot.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/dovecot.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVECOT 1 "2010-07-02" "Dovecot v2.0" "Dovecot" +.TH DOVECOT 1 "2010-07-02" "Dovecot v2.1" "Dovecot" .SH NAME dovecot \- a secure and highly configurable IMAP and POP3 server .\"------------------------------------------------------------------------ diff -r 3368f9b3c8df -r a695e124e62f doc/man/dsync.1.in --- a/doc/man/dsync.1.in Wed Nov 16 19:06:20 2011 +0200 +++ b/doc/man/dsync.1.in Wed Nov 16 19:14:43 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DSYNC 1 "2011-01-16" "Dovecot v2.0" "Dovecot" +.TH DSYNC 1 "2011-01-16" "Dovecot v2.1" "Dovecot" .SH NAME dsync \- Dovecot\(aqs mailbox synchronization utility .\"------------------------------------------------------------------------ From dovecot at dovecot.org Wed Nov 16 19:39:50 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 19:39:50 +0200 Subject: dovecot-2.1: lib-storage: Use namespace owner user's home dir fo... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/7559768b1491 changeset: 13708:7559768b1491 user: Timo Sirainen date: Wed Nov 16 19:38:16 2011 +0200 description: lib-storage: Use namespace owner user's home dir for autodetection (for shared namespaces). diffstat: src/lib-storage/index/dbox-multi/mdbox-storage.c | 2 +- src/lib-storage/index/maildir/maildir-storage.c | 2 +- src/lib-storage/index/mbox/mbox-storage.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diffs (36 lines): diff -r a695e124e62f -r 7559768b1491 src/lib-storage/index/dbox-multi/mdbox-storage.c --- a/src/lib-storage/index/dbox-multi/mdbox-storage.c Wed Nov 16 19:14:43 2011 +0200 +++ b/src/lib-storage/index/dbox-multi/mdbox-storage.c Wed Nov 16 19:38:16 2011 +0200 @@ -87,7 +87,7 @@ bool debug = ns->mail_set->mail_debug; const char *home, *path; - if (mail_user_get_home(ns->user, &home) > 0) { + if (mail_user_get_home(ns->owner, &home) > 0) { path = t_strconcat(home, "/mdbox", NULL); if (access(path, R_OK|W_OK|X_OK) == 0) { if (debug) diff -r a695e124e62f -r 7559768b1491 src/lib-storage/index/maildir/maildir-storage.c --- a/src/lib-storage/index/maildir/maildir-storage.c Wed Nov 16 19:14:43 2011 +0200 +++ b/src/lib-storage/index/maildir/maildir-storage.c Wed Nov 16 19:38:16 2011 +0200 @@ -97,7 +97,7 @@ /* we'll need to figure out the maildir location ourself. It's ~/Maildir unless we are chrooted. */ - if (mail_user_get_home(ns->user, &home) > 0) { + if (mail_user_get_home(ns->owner, &home) > 0) { path = t_strconcat(home, "/Maildir", NULL); if (access(path, R_OK|W_OK|X_OK) == 0) { if (debug) diff -r a695e124e62f -r 7559768b1491 src/lib-storage/index/mbox/mbox-storage.c --- a/src/lib-storage/index/mbox/mbox-storage.c Wed Nov 16 19:14:43 2011 +0200 +++ b/src/lib-storage/index/mbox/mbox-storage.c Wed Nov 16 19:38:16 2011 +0200 @@ -246,7 +246,7 @@ bool debug = ns->mail_set->mail_debug; const char *home, *path; - if (mail_user_get_home(ns->user, &home) <= 0) { + if (mail_user_get_home(ns->owner, &home) <= 0) { if (debug) i_debug("maildir: Home directory not set"); home = ""; From dovecot at dovecot.org Wed Nov 16 19:39:50 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 19:39:50 +0200 Subject: dovecot-2.1: lib-storage: Crashfix for "auto" driver in some sit... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/e5fb66051028 changeset: 13709:e5fb66051028 user: Timo Sirainen date: Wed Nov 16 19:38:55 2011 +0200 description: lib-storage: Crashfix for "auto" driver in some situations. diffstat: src/lib-storage/mail-storage.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diffs (13 lines): diff -r 7559768b1491 -r e5fb66051028 src/lib-storage/mail-storage.c --- a/src/lib-storage/mail-storage.c Wed Nov 16 19:38:16 2011 +0200 +++ b/src/lib-storage/mail-storage.c Wed Nov 16 19:38:55 2011 +0200 @@ -136,7 +136,8 @@ /* no mail_location, autodetect */ } else if (strcmp(driver, "auto") == 0) { /* explicit autodetection with "auto" driver. */ - if (*list_set->root_dir == '\0') { + if (list_set->root_dir != NULL && + *list_set->root_dir == '\0') { /* handle the same as with driver=NULL */ list_set->root_dir = NULL; } From dovecot at dovecot.org Wed Nov 16 19:39:50 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 19:39:50 +0200 Subject: dovecot-2.1: lib-storage: Improved storage creation failure erro... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/f11ce0efa6a8 changeset: 13710:f11ce0efa6a8 user: Timo Sirainen date: Wed Nov 16 19:39:18 2011 +0200 description: lib-storage: Improved storage creation failure error message for "auto" driver. diffstat: src/lib-storage/mail-storage.c | 10 +++++++--- 1 files changed, 7 insertions(+), 3 deletions(-) diffs (23 lines): diff -r e5fb66051028 -r f11ce0efa6a8 src/lib-storage/mail-storage.c --- a/src/lib-storage/mail-storage.c Wed Nov 16 19:38:55 2011 +0200 +++ b/src/lib-storage/mail-storage.c Wed Nov 16 19:39:18 2011 +0200 @@ -180,12 +180,16 @@ if (storage_class != NULL) return storage_class; + (void)mail_user_get_home(ns->user, &home); + if (home == NULL || *home == '\0') home = "(not set)"; + if (ns->set->location == NULL || *ns->set->location == '\0') { - (void)mail_user_get_home(ns->user, &home); - if (home == NULL || *home == '\0') home = "(not set)"; - *error_r = t_strdup_printf( "Mail storage autodetection failed with home=%s", home); + } else if (strncmp(ns->set->location, "auto:", 5) == 0) { + *error_r = t_strdup_printf( + "Autodetection failed for %s (home=%s)", + ns->set->location, home); } else { *error_r = t_strdup_printf( "Ambiguous mail location setting, " From dovecot at dovecot.org Wed Nov 16 19:39:50 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 19:39:50 +0200 Subject: dovecot-2.1: lib-storage: Fixed using "auto" driver with shared ... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/e0556ffd1527 changeset: 13711:e0556ffd1527 user: Timo Sirainen date: Wed Nov 16 19:39:33 2011 +0200 description: lib-storage: Fixed using "auto" driver with shared namespaces. diffstat: src/lib-storage/index/shared/shared-storage.c | 14 ++++++++++---- src/lib-storage/index/shared/shared-storage.h | 2 +- 2 files changed, 11 insertions(+), 5 deletions(-) diffs (61 lines): diff -r f11ce0efa6a8 -r e0556ffd1527 src/lib-storage/index/shared/shared-storage.c --- a/src/lib-storage/index/shared/shared-storage.c Wed Nov 16 19:39:18 2011 +0200 +++ b/src/lib-storage/index/shared/shared-storage.c Wed Nov 16 19:39:33 2011 +0200 @@ -31,6 +31,7 @@ const char **error_r) { struct shared_storage *storage = (struct shared_storage *)_storage; + struct mail_storage *storage_class; const char *driver, *p; char *wildcardp, key; bool have_username; @@ -45,13 +46,14 @@ storage->location = p_strdup(_storage->pool, ns->set->location); storage->unexpanded_location = p_strdup(_storage->pool, ns->unexpanded_set->location); - storage->storage_class = mail_storage_find_class(driver); - if (storage->storage_class == NULL) { + storage_class = mail_storage_find_class(driver); + if (storage_class != NULL) + _storage->class_flags = storage_class->class_flags; + else if (strcmp(driver, "auto") != 0) { *error_r = t_strconcat("Unknown shared storage driver: ", driver, NULL); return -1; } - _storage->class_flags = storage->storage_class->class_flags; wildcardp = strchr(ns->prefix, '%'); if (wildcardp == NULL) { @@ -106,7 +108,7 @@ { /* user wasn't found. we'll still need to create the storage to avoid exposing which users exist and which don't. */ - str_append(location, storage->storage_class->name); + str_append(location, storage->storage_class_name); str_append_c(location, ':'); /* use a reachable but nonexistent path as the mail root directory */ @@ -309,6 +311,10 @@ *_name = mailbox_list_get_storage_name(new_ns->list, t_strconcat(new_ns->prefix, name, NULL)); *_ns = new_ns; + if (_storage->class_flags == 0) { + /* flags are unset if we were using "auto" storage */ + _storage->class_flags = new_ns->storage->class_flags; + } mail_user_add_namespace(user, &new_ns); return 0; diff -r f11ce0efa6a8 -r e0556ffd1527 src/lib-storage/index/shared/shared-storage.h --- a/src/lib-storage/index/shared/shared-storage.h Wed Nov 16 19:39:18 2011 +0200 +++ b/src/lib-storage/index/shared/shared-storage.h Wed Nov 16 19:39:33 2011 +0200 @@ -10,7 +10,7 @@ const char *ns_prefix_pattern; const char *location, *unexpanded_location; - struct mail_storage *storage_class; + const char *storage_class_name; }; struct mailbox_list *shared_mailbox_list_alloc(void); From dovecot at dovecot.org Wed Nov 16 19:42:25 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 19:42:25 +0200 Subject: dovecot-2.0: lib-storage: Use namespace owner user's home dir fo... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/ce08f9903c79 changeset: 12967:ce08f9903c79 user: Timo Sirainen date: Wed Nov 16 19:38:16 2011 +0200 description: lib-storage: Use namespace owner user's home dir for autodetection (for shared namespaces). diffstat: src/lib-storage/index/dbox-multi/mdbox-storage.c | 2 +- src/lib-storage/index/maildir/maildir-storage.c | 2 +- src/lib-storage/index/mbox/mbox-storage.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diffs (36 lines): diff -r 6198fe13342c -r ce08f9903c79 src/lib-storage/index/dbox-multi/mdbox-storage.c --- a/src/lib-storage/index/dbox-multi/mdbox-storage.c Wed Nov 16 19:06:20 2011 +0200 +++ b/src/lib-storage/index/dbox-multi/mdbox-storage.c Wed Nov 16 19:38:16 2011 +0200 @@ -87,7 +87,7 @@ bool debug = ns->mail_set->mail_debug; const char *home, *path; - if (mail_user_get_home(ns->user, &home) > 0) { + if (mail_user_get_home(ns->owner, &home) > 0) { path = t_strconcat(home, "/mdbox", NULL); if (access(path, R_OK|W_OK|X_OK) == 0) { if (debug) diff -r 6198fe13342c -r ce08f9903c79 src/lib-storage/index/maildir/maildir-storage.c --- a/src/lib-storage/index/maildir/maildir-storage.c Wed Nov 16 19:06:20 2011 +0200 +++ b/src/lib-storage/index/maildir/maildir-storage.c Wed Nov 16 19:38:16 2011 +0200 @@ -98,7 +98,7 @@ /* we'll need to figure out the maildir location ourself. It's ~/Maildir unless we are chrooted. */ - if (mail_user_get_home(ns->user, &home) > 0) { + if (mail_user_get_home(ns->owner, &home) > 0) { path = t_strconcat(home, "/Maildir", NULL); if (access(path, R_OK|W_OK|X_OK) == 0) { if (debug) diff -r 6198fe13342c -r ce08f9903c79 src/lib-storage/index/mbox/mbox-storage.c --- a/src/lib-storage/index/mbox/mbox-storage.c Wed Nov 16 19:06:20 2011 +0200 +++ b/src/lib-storage/index/mbox/mbox-storage.c Wed Nov 16 19:38:16 2011 +0200 @@ -247,7 +247,7 @@ bool debug = ns->mail_set->mail_debug; const char *home, *path; - if (mail_user_get_home(ns->user, &home) <= 0) { + if (mail_user_get_home(ns->owner, &home) <= 0) { if (debug) i_debug("maildir: Home directory not set"); home = ""; From dovecot at dovecot.org Wed Nov 16 19:42:26 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 19:42:26 +0200 Subject: dovecot-2.0: lib-storage: Crashfix for "auto" driver in some sit... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/ac3669e24a99 changeset: 12968:ac3669e24a99 user: Timo Sirainen date: Wed Nov 16 19:38:55 2011 +0200 description: lib-storage: Crashfix for "auto" driver in some situations. diffstat: src/lib-storage/mail-storage.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diffs (13 lines): diff -r ce08f9903c79 -r ac3669e24a99 src/lib-storage/mail-storage.c --- a/src/lib-storage/mail-storage.c Wed Nov 16 19:38:16 2011 +0200 +++ b/src/lib-storage/mail-storage.c Wed Nov 16 19:38:55 2011 +0200 @@ -134,7 +134,8 @@ /* no mail_location, autodetect */ } else if (strcmp(driver, "auto") == 0) { /* explicit autodetection with "auto" driver. */ - if (*list_set->root_dir == '\0') { + if (list_set->root_dir != NULL && + *list_set->root_dir == '\0') { /* handle the same as with driver=NULL */ list_set->root_dir = NULL; } From dovecot at dovecot.org Wed Nov 16 19:42:26 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 19:42:26 +0200 Subject: dovecot-2.0: lib-storage: Improved storage creation failure erro... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/95b08f167d68 changeset: 12969:95b08f167d68 user: Timo Sirainen date: Wed Nov 16 19:39:18 2011 +0200 description: lib-storage: Improved storage creation failure error message for "auto" driver. diffstat: src/lib-storage/mail-storage.c | 10 +++++++--- 1 files changed, 7 insertions(+), 3 deletions(-) diffs (23 lines): diff -r ac3669e24a99 -r 95b08f167d68 src/lib-storage/mail-storage.c --- a/src/lib-storage/mail-storage.c Wed Nov 16 19:38:55 2011 +0200 +++ b/src/lib-storage/mail-storage.c Wed Nov 16 19:39:18 2011 +0200 @@ -175,12 +175,16 @@ if (storage_class != NULL) return storage_class; + (void)mail_user_get_home(ns->user, &home); + if (home == NULL || *home == '\0') home = "(not set)"; + if (ns->set->location == NULL || *ns->set->location == '\0') { - (void)mail_user_get_home(ns->user, &home); - if (home == NULL || *home == '\0') home = "(not set)"; - *error_r = t_strdup_printf( "Mail storage autodetection failed with home=%s", home); + } else if (strncmp(ns->set->location, "auto:", 5) == 0) { + *error_r = t_strdup_printf( + "Autodetection failed for %s (home=%s)", + ns->set->location, home); } else { *error_r = t_strdup_printf( "Ambiguous mail location setting, " From dovecot at dovecot.org Wed Nov 16 19:42:26 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 19:42:26 +0200 Subject: dovecot-2.0: lib-storage: Fixed using "auto" driver with shared ... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/18078d6cce84 changeset: 12970:18078d6cce84 user: Timo Sirainen date: Wed Nov 16 19:39:33 2011 +0200 description: lib-storage: Fixed using "auto" driver with shared namespaces. diffstat: src/lib-storage/index/shared/shared-storage.c | 14 ++++++++++---- src/lib-storage/index/shared/shared-storage.h | 2 +- 2 files changed, 11 insertions(+), 5 deletions(-) diffs (61 lines): diff -r 95b08f167d68 -r 18078d6cce84 src/lib-storage/index/shared/shared-storage.c --- a/src/lib-storage/index/shared/shared-storage.c Wed Nov 16 19:39:18 2011 +0200 +++ b/src/lib-storage/index/shared/shared-storage.c Wed Nov 16 19:39:33 2011 +0200 @@ -31,6 +31,7 @@ const char **error_r) { struct shared_storage *storage = (struct shared_storage *)_storage; + struct mail_storage *storage_class; const char *driver, *p; char *wildcardp, key; bool have_username; @@ -45,13 +46,14 @@ storage->location = p_strdup(_storage->pool, ns->set->location); storage->unexpanded_location = p_strdup(_storage->pool, ns->unexpanded_set->location); - storage->storage_class = mail_storage_find_class(driver); - if (storage->storage_class == NULL) { + storage_class = mail_storage_find_class(driver); + if (storage_class != NULL) + _storage->class_flags = storage_class->class_flags; + else if (strcmp(driver, "auto") != 0) { *error_r = t_strconcat("Unknown shared storage driver: ", driver, NULL); return -1; } - _storage->class_flags = storage->storage_class->class_flags; wildcardp = strchr(ns->prefix, '%'); if (wildcardp == NULL) { @@ -106,7 +108,7 @@ { /* user wasn't found. we'll still need to create the storage to avoid exposing which users exist and which don't. */ - str_append(location, storage->storage_class->name); + str_append(location, storage->storage_class_name); str_append_c(location, ':'); /* use a reachable but nonexistent path as the mail root directory */ @@ -306,6 +308,10 @@ ns->flags |= NAMESPACE_FLAG_USABLE; *_name = mail_namespace_fix_sep(new_ns, name); *_ns = new_ns; + if (_storage->class_flags == 0) { + /* flags are unset if we were using "auto" storage */ + _storage->class_flags = new_ns->storage->class_flags; + } mail_user_add_namespace(user, &new_ns); return 0; diff -r 95b08f167d68 -r 18078d6cce84 src/lib-storage/index/shared/shared-storage.h --- a/src/lib-storage/index/shared/shared-storage.h Wed Nov 16 19:39:18 2011 +0200 +++ b/src/lib-storage/index/shared/shared-storage.h Wed Nov 16 19:39:33 2011 +0200 @@ -10,7 +10,7 @@ const char *ns_prefix_pattern; const char *location, *unexpanded_location; - struct mail_storage *storage_class; + const char *storage_class_name; }; struct mailbox_list *shared_mailbox_list_alloc(void); From dovecot at dovecot.org Wed Nov 16 19:48:06 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 19:48:06 +0200 Subject: dovecot-2.1: lib-storage: Fixed error handling for mailbox_set_s... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/4bdfe947a0b2 changeset: 13712:4bdfe947a0b2 user: Timo Sirainen date: Wed Nov 16 19:48:01 2011 +0200 description: lib-storage: Fixed error handling for mailbox_set_subscribed() diffstat: src/lib-storage/mail-storage.c | 6 +++++- 1 files changed, 5 insertions(+), 1 deletions(-) diffs (16 lines): diff -r e0556ffd1527 -r 4bdfe947a0b2 src/lib-storage/mail-storage.c --- a/src/lib-storage/mail-storage.c Wed Nov 16 19:39:33 2011 +0200 +++ b/src/lib-storage/mail-storage.c Wed Nov 16 19:48:01 2011 +0200 @@ -1154,7 +1154,11 @@ list = ns->list; } - return mailbox_list_set_subscribed(list, subs_name, set); + if (mailbox_list_set_subscribed(list, subs_name, set) < 0) { + mail_storage_copy_list_error(box->storage, list); + return -1; + } + return 0; } struct mail_storage *mailbox_get_storage(const struct mailbox *box) From dovecot at dovecot.org Wed Nov 16 20:00:48 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 20:00:48 +0200 Subject: dovecot-2.1: lib-storage: Fixed listing subscriptions from prefi... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/16024d03f66e changeset: 13713:16024d03f66e user: Timo Sirainen date: Wed Nov 16 20:00:37 2011 +0200 description: lib-storage: Fixed listing subscriptions from prefix!="" namespace diffstat: src/lib-storage/list/mailbox-list-subscriptions.c | 5 ++++- 1 files changed, 4 insertions(+), 1 deletions(-) diffs (15 lines): diff -r 4bdfe947a0b2 -r 16024d03f66e src/lib-storage/list/mailbox-list-subscriptions.c --- a/src/lib-storage/list/mailbox-list-subscriptions.c Wed Nov 16 19:48:01 2011 +0200 +++ b/src/lib-storage/list/mailbox-list-subscriptions.c Wed Nov 16 20:00:37 2011 +0200 @@ -224,7 +224,10 @@ mailbox_list_subscriptions_fill(&ctx->ctx, ctx->tree); ctx->info.ns = list->ns; - ctx->iter = mailbox_tree_iterate_init(ctx->tree, NULL, 0); + /* the tree usually has only those entries we want to iterate through, + but there are also non-matching root entries (e.g. "LSUB foo/%" will + include the "foo"), which we'll drop with MAILBOX_MATCHED. */ + ctx->iter = mailbox_tree_iterate_init(ctx->tree, NULL, MAILBOX_MATCHED); return &ctx->ctx; } From dovecot at dovecot.org Wed Nov 16 20:24:15 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 20:24:15 +0200 Subject: dovecot-2.1: lib-storage: Added local/remote port to struct mail... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/bca3950cad53 changeset: 13714:bca3950cad53 user: Timo Sirainen date: Wed Nov 16 20:23:50 2011 +0200 description: lib-storage: Added local/remote port to struct mail_storage_service_input for userdb lookups. diffstat: src/lib-storage/mail-storage-service.c | 2 ++ src/lib-storage/mail-storage-service.h | 1 + 2 files changed, 3 insertions(+), 0 deletions(-) diffs (23 lines): diff -r 16024d03f66e -r bca3950cad53 src/lib-storage/mail-storage-service.c --- a/src/lib-storage/mail-storage-service.c Wed Nov 16 20:00:37 2011 +0200 +++ b/src/lib-storage/mail-storage-service.c Wed Nov 16 20:23:50 2011 +0200 @@ -285,6 +285,8 @@ info.service = ctx->service->name; info.local_ip = input->local_ip; info.remote_ip = input->remote_ip; + info.local_port = input->local_port; + info.remote_port = input->remote_port; ret = auth_master_user_lookup(ctx->conn, *user, &info, pool, &new_username, fields_r); diff -r 16024d03f66e -r bca3950cad53 src/lib-storage/mail-storage-service.h --- a/src/lib-storage/mail-storage-service.h Wed Nov 16 20:00:37 2011 +0200 +++ b/src/lib-storage/mail-storage-service.h Wed Nov 16 20:23:50 2011 +0200 @@ -41,6 +41,7 @@ const char *service; const char *username; struct ip_addr local_ip, remote_ip; + unsigned int local_port, remote_port; const char *const *userdb_fields; From dovecot at dovecot.org Wed Nov 16 20:24:15 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 20:24:15 +0200 Subject: dovecot-2.1: lmtp: Include local/remote port in userdb lookups. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/9ead5aea2ce4 changeset: 13715:9ead5aea2ce4 user: Timo Sirainen date: Wed Nov 16 20:24:07 2011 +0200 description: lmtp: Include local/remote port in userdb lookups. diffstat: src/lmtp/commands.c | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diffs (12 lines): diff -r bca3950cad53 -r 9ead5aea2ce4 src/lmtp/commands.c --- a/src/lmtp/commands.c Wed Nov 16 20:23:50 2011 +0200 +++ b/src/lmtp/commands.c Wed Nov 16 20:24:07 2011 +0200 @@ -426,6 +426,8 @@ input.username = username; input.local_ip = client->local_ip; input.remote_ip = client->remote_ip; + input.local_port = client->local_port; + input.remote_port = client->remote_port; ret = mail_storage_service_lookup(storage_service, &input, &rcpt.service_user, &error); From dovecot at dovecot.org Wed Nov 16 20:24:50 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 20:24:50 +0200 Subject: dovecot-2.0: lib-storage: Added local/remote port to struct mail... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/e5ca61d1fd40 changeset: 12971:e5ca61d1fd40 user: Timo Sirainen date: Wed Nov 16 20:23:50 2011 +0200 description: lib-storage: Added local/remote port to struct mail_storage_service_input for userdb lookups. diffstat: src/lib-storage/mail-storage-service.c | 2 ++ src/lib-storage/mail-storage-service.h | 1 + 2 files changed, 3 insertions(+), 0 deletions(-) diffs (23 lines): diff -r 18078d6cce84 -r e5ca61d1fd40 src/lib-storage/mail-storage-service.c --- a/src/lib-storage/mail-storage-service.c Wed Nov 16 19:39:33 2011 +0200 +++ b/src/lib-storage/mail-storage-service.c Wed Nov 16 20:23:50 2011 +0200 @@ -274,6 +274,8 @@ info.service = ctx->service->name; info.local_ip = input->local_ip; info.remote_ip = input->remote_ip; + info.local_port = input->local_port; + info.remote_port = input->remote_port; ret = auth_master_user_lookup(ctx->conn, *user, &info, pool, &new_username, fields_r); diff -r 18078d6cce84 -r e5ca61d1fd40 src/lib-storage/mail-storage-service.h --- a/src/lib-storage/mail-storage-service.h Wed Nov 16 19:39:33 2011 +0200 +++ b/src/lib-storage/mail-storage-service.h Wed Nov 16 20:23:50 2011 +0200 @@ -41,6 +41,7 @@ const char *service; const char *username; struct ip_addr local_ip, remote_ip; + unsigned int local_port, remote_port; const char *const *userdb_fields; From dovecot at dovecot.org Wed Nov 16 20:24:50 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 20:24:50 +0200 Subject: dovecot-2.0: lmtp: Include local/remote port in userdb lookups. Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/2f6c0ab7d043 changeset: 12972:2f6c0ab7d043 user: Timo Sirainen date: Wed Nov 16 20:24:07 2011 +0200 description: lmtp: Include local/remote port in userdb lookups. diffstat: src/lmtp/commands.c | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diffs (12 lines): diff -r e5ca61d1fd40 -r 2f6c0ab7d043 src/lmtp/commands.c --- a/src/lmtp/commands.c Wed Nov 16 20:23:50 2011 +0200 +++ b/src/lmtp/commands.c Wed Nov 16 20:24:07 2011 +0200 @@ -426,6 +426,8 @@ input.username = username; input.local_ip = client->local_ip; input.remote_ip = client->remote_ip; + input.local_port = client->local_port; + input.remote_port = client->remote_port; ret = mail_storage_service_lookup(storage_service, &input, &rcpt.service_user, &error); From dovecot at dovecot.org Wed Nov 16 22:13:47 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 22:13:47 +0200 Subject: dovecot-2.1: checkpassword: Export all auth %variables to AUTH_*... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/0a94dfe6ac92 changeset: 13716:0a94dfe6ac92 user: Timo Sirainen date: Wed Nov 16 22:13:35 2011 +0200 description: checkpassword: Export all auth %variables to AUTH_* environment. diffstat: src/auth/db-checkpassword.c | 16 ++++++++++++++++ 1 files changed, 16 insertions(+), 0 deletions(-) diffs (33 lines): diff -r 9ead5aea2ce4 -r 0a94dfe6ac92 src/auth/db-checkpassword.c --- a/src/auth/db-checkpassword.c Wed Nov 16 20:24:07 2011 +0200 +++ b/src/auth/db-checkpassword.c Wed Nov 16 22:13:35 2011 +0200 @@ -86,6 +86,21 @@ } } +static void env_put_auth_vars(struct auth_request *request) +{ + const struct var_expand_table *tab; + unsigned int i; + + tab = auth_request_get_var_expand_table(request, NULL); + for (i = 0; tab[i].key != '\0' || tab[i].long_key != NULL; i++) { + if (tab[i].long_key != NULL && tab[i].value != NULL) { + env_put(t_strdup_printf("AUTH_%s=%s", + t_str_ucase(tab[i].long_key), + tab[i].value)); + } + } +} + void checkpassword_setup_env(struct auth_request *request) { /* Besides passing the standard username and password in a @@ -128,6 +143,7 @@ /* extra fields could come from master db */ env_put_extra_fields(fields); } + env_put_auth_vars(request); } const char * From dovecot at dovecot.org Wed Nov 16 22:14:01 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 22:14:01 +0200 Subject: dovecot-2.0: checkpassword: Export all auth %variables to AUTH_*... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/629629e65d83 changeset: 12973:629629e65d83 user: Timo Sirainen date: Wed Nov 16 22:13:35 2011 +0200 description: checkpassword: Export all auth %variables to AUTH_* environment. diffstat: src/auth/db-checkpassword.c | 16 ++++++++++++++++ 1 files changed, 16 insertions(+), 0 deletions(-) diffs (33 lines): diff -r 2f6c0ab7d043 -r 629629e65d83 src/auth/db-checkpassword.c --- a/src/auth/db-checkpassword.c Wed Nov 16 20:24:07 2011 +0200 +++ b/src/auth/db-checkpassword.c Wed Nov 16 22:13:35 2011 +0200 @@ -86,6 +86,21 @@ } } +static void env_put_auth_vars(struct auth_request *request) +{ + const struct var_expand_table *tab; + unsigned int i; + + tab = auth_request_get_var_expand_table(request, NULL); + for (i = 0; tab[i].key != '\0' || tab[i].long_key != NULL; i++) { + if (tab[i].long_key != NULL && tab[i].value != NULL) { + env_put(t_strdup_printf("AUTH_%s=%s", + t_str_ucase(tab[i].long_key), + tab[i].value)); + } + } +} + void checkpassword_setup_env(struct auth_request *request) { /* Besides passing the standard username and password in a @@ -128,6 +143,7 @@ /* extra fields could come from master db */ env_put_extra_fields(fields); } + env_put_auth_vars(request); } const char * From dovecot at dovecot.org Wed Nov 16 22:14:41 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 22:14:41 +0200 Subject: dovecot-2.0: lib-lda: Don't send MAIL FROM to LMTP/SMTP server b... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/ac5e9e70ca6b changeset: 12974:ac5e9e70ca6b user: Timo Sirainen date: Wed Nov 16 22:14:35 2011 +0200 description: lib-lda: Don't send MAIL FROM to LMTP/SMTP server before it replied to LHLO/EHLO. diffstat: src/lib-lda/lmtp-client.c | 12 ++++++++---- 1 files changed, 8 insertions(+), 4 deletions(-) diffs (52 lines): diff -r 629629e65d83 -r ac5e9e70ca6b src/lib-lda/lmtp-client.c --- a/src/lib-lda/lmtp-client.c Wed Nov 16 22:13:35 2011 +0200 +++ b/src/lib-lda/lmtp-client.c Wed Nov 16 22:14:35 2011 +0200 @@ -330,7 +330,6 @@ static void lmtp_client_send_handshake(struct lmtp_client *client) { - o_stream_cork(client->output); switch (client->protocol) { case LMTP_CLIENT_PROTOCOL_LMTP: o_stream_send_str(client->output, @@ -343,9 +342,6 @@ client->set.my_hostname)); break; } - o_stream_send_str(client->output, - t_strdup_printf("MAIL FROM:%s\r\n", client->set.mail_from)); - o_stream_uncork(client->output); } static int lmtp_input_get_reply_code(const char *line, int *reply_code_r) @@ -395,6 +391,11 @@ lmtp_client_fail(client, line); return -1; } + if (client->input_state == LMTP_INPUT_STATE_LHLO) { + o_stream_send_str(client->output, + t_strdup_printf("MAIL FROM:%s\r\n", + client->set.mail_from)); + } client->input_state++; lmtp_client_send_rcpts(client); break; @@ -432,8 +433,10 @@ const char *line; lmtp_client_ref(client); + o_stream_cork(client->output); while ((line = i_stream_read_next_line(client->input)) != NULL) { if (lmtp_client_input_line(client, line) < 0) { + o_stream_uncork(client->output); lmtp_client_unref(&client); return; } @@ -448,6 +451,7 @@ lmtp_client_fail(client, ERRSTR_TEMP_REMOTE_FAILURE " (disconnected in input)"); } + o_stream_uncork(client->output); lmtp_client_unref(&client); } From dovecot at dovecot.org Wed Nov 16 22:24:42 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 22:24:42 +0200 Subject: dovecot-2.0: lib-lda: Removed corking from lmtp client input, fo... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/57b4c6b7f407 changeset: 12975:57b4c6b7f407 user: Timo Sirainen date: Wed Nov 16 22:24:31 2011 +0200 description: lib-lda: Removed corking from lmtp client input, for now.. Apparently causing crashes and I want a new release soon. diffstat: src/lib-lda/lmtp-client.c | 3 --- 1 files changed, 0 insertions(+), 3 deletions(-) diffs (22 lines): diff -r ac5e9e70ca6b -r 57b4c6b7f407 src/lib-lda/lmtp-client.c --- a/src/lib-lda/lmtp-client.c Wed Nov 16 22:14:35 2011 +0200 +++ b/src/lib-lda/lmtp-client.c Wed Nov 16 22:24:31 2011 +0200 @@ -433,10 +433,8 @@ const char *line; lmtp_client_ref(client); - o_stream_cork(client->output); while ((line = i_stream_read_next_line(client->input)) != NULL) { if (lmtp_client_input_line(client, line) < 0) { - o_stream_uncork(client->output); lmtp_client_unref(&client); return; } @@ -451,7 +449,6 @@ lmtp_client_fail(client, ERRSTR_TEMP_REMOTE_FAILURE " (disconnected in input)"); } - o_stream_uncork(client->output); lmtp_client_unref(&client); } From dovecot at dovecot.org Wed Nov 16 22:59:58 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 22:59:58 +0200 Subject: dovecot-2.1: i_getgr*(): Use a generic workaround for all OSes t... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/b0c0d11792fc changeset: 13717:b0c0d11792fc user: Timo Sirainen date: Wed Nov 16 22:59:36 2011 +0200 description: i_getgr*(): Use a generic workaround for all OSes that report too small grbuf size. diffstat: src/lib/ipwd.c | 9 +++++---- 1 files changed, 5 insertions(+), 4 deletions(-) diffs (20 lines): diff -r 0a94dfe6ac92 -r b0c0d11792fc src/lib/ipwd.c --- a/src/lib/ipwd.c Wed Nov 16 22:13:35 2011 +0200 +++ b/src/lib/ipwd.c Wed Nov 16 22:59:36 2011 +0200 @@ -31,11 +31,12 @@ long size; if (grbuf == NULL) { - /* OpenBSD up to 4.9 reports too low value in sysconf() */ -#if !defined(__OpenBSD__) || OpenBSD >= 201111 size = sysconf(_SC_GETGR_R_SIZE_MAX); - if (size < 0) -#endif + /* Some BSDs return too low value for this. instead of trying + to figure out exactly which, just make sure it's at least + a reasonable size. if the real size is smaller, it doesn't + matter much that we waste a few kilobytes of memory. */ + if (size < DEFAULT_GRBUF_SIZE) size = DEFAULT_GRBUF_SIZE; grbuf_size = size; From dovecot at dovecot.org Wed Nov 16 23:00:18 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 23:00:18 +0200 Subject: dovecot-2.0: i_getgr*(): Use a generic workaround for all OSes t... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/e4aa32586f17 changeset: 12976:e4aa32586f17 user: Timo Sirainen date: Wed Nov 16 22:59:36 2011 +0200 description: i_getgr*(): Use a generic workaround for all OSes that report too small grbuf size. diffstat: src/lib/ipwd.c | 9 +++++---- 1 files changed, 5 insertions(+), 4 deletions(-) diffs (20 lines): diff -r 57b4c6b7f407 -r e4aa32586f17 src/lib/ipwd.c --- a/src/lib/ipwd.c Wed Nov 16 22:24:31 2011 +0200 +++ b/src/lib/ipwd.c Wed Nov 16 22:59:36 2011 +0200 @@ -31,11 +31,12 @@ long size; if (grbuf == NULL) { - /* OpenBSD up to 4.9 reports too low value in sysconf() */ -#if !defined(__OpenBSD__) || OpenBSD >= 201111 size = sysconf(_SC_GETGR_R_SIZE_MAX); - if (size < 0) -#endif + /* Some BSDs return too low value for this. instead of trying + to figure out exactly which, just make sure it's at least + a reasonable size. if the real size is smaller, it doesn't + matter much that we waste a few kilobytes of memory. */ + if (size < DEFAULT_GRBUF_SIZE) size = DEFAULT_GRBUF_SIZE; grbuf_size = size; From dovecot at dovecot.org Wed Nov 16 23:31:57 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 23:31:57 +0200 Subject: dovecot-2.0: login proxy: Verify SSL certificate hostname when c... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/5e9eaf63a6b1 changeset: 12977:5e9eaf63a6b1 user: Timo Sirainen date: Wed Nov 16 23:31:46 2011 +0200 description: login proxy: Verify SSL certificate hostname when connecting to remote server. diffstat: src/login-common/login-proxy.c | 18 +++++-- src/login-common/ssl-proxy-openssl.c | 82 ++++++++++++++++++++++++++++++++++++ src/login-common/ssl-proxy.c | 6 ++ src/login-common/ssl-proxy.h | 1 + 4 files changed, 101 insertions(+), 6 deletions(-) diffs (160 lines): diff -r e4aa32586f17 -r 5e9eaf63a6b1 src/login-common/login-proxy.c --- a/src/login-common/login-proxy.c Wed Nov 16 22:59:36 2011 +0200 +++ b/src/login-common/login-proxy.c Wed Nov 16 23:31:46 2011 +0200 @@ -505,18 +505,24 @@ { struct login_proxy *proxy = context; - if ((proxy->ssl_flags & PROXY_SSL_FLAG_ANY_CERT) != 0 || - ssl_proxy_has_valid_client_cert(proxy->ssl_server_proxy)) + if ((proxy->ssl_flags & PROXY_SSL_FLAG_ANY_CERT) != 0) return 0; - if (!ssl_proxy_has_broken_client_cert(proxy->ssl_server_proxy)) { + if (ssl_proxy_has_broken_client_cert(proxy->ssl_server_proxy)) { + client_log_err(proxy->client, t_strdup_printf( + "proxy: Received invalid SSL certificate from %s:%u", + proxy->host, proxy->port)); + } else if (!ssl_proxy_has_valid_client_cert(proxy->ssl_server_proxy)) { client_log_err(proxy->client, t_strdup_printf( "proxy: SSL certificate not received from %s:%u", proxy->host, proxy->port)); + } else if (ssl_proxy_cert_match_name(proxy->ssl_server_proxy, + proxy->host) < 0) { + client_log_err(proxy->client, t_strdup_printf( + "proxy: hostname doesn't match SSL certificate at %s:%u", + proxy->host, proxy->port)); } else { - client_log_err(proxy->client, t_strdup_printf( - "proxy: Received invalid SSL certificate from %s:%u", - proxy->host, proxy->port)); + return 0; } proxy->disconnecting = TRUE; return -1; diff -r e4aa32586f17 -r 5e9eaf63a6b1 src/login-common/ssl-proxy-openssl.c --- a/src/login-common/ssl-proxy-openssl.c Wed Nov 16 22:59:36 2011 +0200 +++ b/src/login-common/ssl-proxy-openssl.c Wed Nov 16 23:31:46 2011 +0200 @@ -21,6 +21,7 @@ #include #include +#include #include #include #include @@ -661,6 +662,87 @@ return proxy->cert_received && proxy->cert_broken; } +static const char *asn1_string_to_c(ASN1_STRING *asn_str) +{ + const char *cstr; + unsigned int len; + + len = ASN1_STRING_length(asn_str); + cstr = t_strndup(ASN1_STRING_data(asn_str), len); + if (strlen(cstr) != len) { + /* NULs in the name - could be some MITM attack. + never allow. */ + return ""; + } + return cstr; +} + +static const char *get_general_dns_name(const GENERAL_NAME *name) +{ + if (ASN1_STRING_type(name->d.ia5) != V_ASN1_IA5STRING) + return ""; + + return asn1_string_to_c(name->d.ia5); +} + +static const char *get_cname(X509 *cert) +{ + X509_NAME *name; + X509_NAME_ENTRY *entry; + ASN1_STRING *str; + int cn_idx; + + name = X509_get_subject_name(cert); + if (name == NULL) + return ""; + cn_idx = X509_NAME_get_index_by_NID(name, NID_commonName, -1); + if (cn_idx == -1) + return ""; + entry = X509_NAME_get_entry(name, cn_idx); + i_assert(entry != NULL); + str = X509_NAME_ENTRY_get_data(entry); + i_assert(str != NULL); + return asn1_string_to_c(str); +} + +static int openssl_cert_match_name(SSL *ssl, const char *verify_name) +{ + X509 *cert; + STACK_OF(GENERAL_NAME) *gnames; + const GENERAL_NAME *gn; + const char *dnsname; + bool dns_names = FALSE; + unsigned int i, count; + + cert = SSL_get_peer_certificate(ssl); + i_assert(cert != NULL); + + /* verify against SubjectAltNames */ + gnames = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL); + count = gnames == NULL ? 0 : sk_GENERAL_NAME_num(gnames); + for (i = 0; i < count; i++) { + gn = sk_GENERAL_NAME_value(gnames, i); + if (gn->type == GEN_DNS) { + dns_names = TRUE; + dnsname = get_general_dns_name(gn); + if (strcmp(dnsname, verify_name) == 0) + break; + } + } + sk_GENERAL_NAME_pop_free(gnames, GENERAL_NAME_free); + /* verify against CommonName only when there wasn't any DNS + SubjectAltNames */ + if (dns_names) + return i < count ? 0 : -1; + + return strcmp(get_cname(cert), verify_name) == 0 ? 0 : -1; +} + +int ssl_proxy_cert_match_name(struct ssl_proxy *proxy, const char *verify_name) +{ + return openssl_cert_match_name(proxy->ssl, verify_name); +} + const char *ssl_proxy_get_peer_name(struct ssl_proxy *proxy) { X509 *x509; diff -r e4aa32586f17 -r 5e9eaf63a6b1 src/login-common/ssl-proxy.c --- a/src/login-common/ssl-proxy.c Wed Nov 16 22:59:36 2011 +0200 +++ b/src/login-common/ssl-proxy.c Wed Nov 16 23:31:46 2011 +0200 @@ -46,6 +46,12 @@ return FALSE; } +int ssl_proxy_cert_match_name(struct ssl_proxy *proxy ATTR_UNUSED, + const char *verify_name ATTR_UNUSED) +{ + return -1; +} + const char *ssl_proxy_get_peer_name(struct ssl_proxy *proxy ATTR_UNUSED) { return NULL; diff -r e4aa32586f17 -r 5e9eaf63a6b1 src/login-common/ssl-proxy.h --- a/src/login-common/ssl-proxy.h Wed Nov 16 22:59:36 2011 +0200 +++ b/src/login-common/ssl-proxy.h Wed Nov 16 23:31:46 2011 +0200 @@ -24,6 +24,7 @@ void ssl_proxy_set_client(struct ssl_proxy *proxy, struct client *client); bool ssl_proxy_has_valid_client_cert(const struct ssl_proxy *proxy) ATTR_PURE; bool ssl_proxy_has_broken_client_cert(struct ssl_proxy *proxy); +int ssl_proxy_cert_match_name(struct ssl_proxy *proxy, const char *verify_name); const char *ssl_proxy_get_peer_name(struct ssl_proxy *proxy); bool ssl_proxy_is_handshaked(const struct ssl_proxy *proxy) ATTR_PURE; const char *ssl_proxy_get_last_error(const struct ssl_proxy *proxy) ATTR_PURE; From dovecot at dovecot.org Wed Nov 16 23:40:17 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 16 Nov 2011 23:40:17 +0200 Subject: dovecot-2.0: login proxy: Skip SSL hostname check when connectin... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/de8715e4d793 changeset: 12978:de8715e4d793 user: Timo Sirainen date: Wed Nov 16 23:40:03 2011 +0200 description: login proxy: Skip SSL hostname check when connecting to IP address (for backwards compatibility) diffstat: src/login-common/login-proxy.c | 6 +++++- 1 files changed, 5 insertions(+), 1 deletions(-) diffs (23 lines): diff -r 5e9eaf63a6b1 -r de8715e4d793 src/login-common/login-proxy.c --- a/src/login-common/login-proxy.c Wed Nov 16 23:31:46 2011 +0200 +++ b/src/login-common/login-proxy.c Wed Nov 16 23:40:03 2011 +0200 @@ -504,6 +504,7 @@ static int login_proxy_ssl_handshaked(void *context) { struct login_proxy *proxy = context; + struct ip_addr ip; if ((proxy->ssl_flags & PROXY_SSL_FLAG_ANY_CERT) != 0) return 0; @@ -516,7 +517,10 @@ client_log_err(proxy->client, t_strdup_printf( "proxy: SSL certificate not received from %s:%u", proxy->host, proxy->port)); - } else if (ssl_proxy_cert_match_name(proxy->ssl_server_proxy, + } else if (net_addr2ip(proxy->host, &ip) == 0 || + /* NOTE: allow IP address for backwards compatibility, + v2.1 no longer accepts it */ + ssl_proxy_cert_match_name(proxy->ssl_server_proxy, proxy->host) < 0) { client_log_err(proxy->client, t_strdup_printf( "proxy: hostname doesn't match SSL certificate at %s:%u", From dovecot at dovecot.org Thu Nov 17 00:41:33 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 17 Nov 2011 00:41:33 +0200 Subject: dovecot-2.1: login proxy: Don't fail connection if CRL isn't fou... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/f986b56d8e2a changeset: 13718:f986b56d8e2a user: Timo Sirainen date: Thu Nov 17 00:41:15 2011 +0200 description: login proxy: Don't fail connection if CRL isn't found for some certificate. diffstat: src/login-common/ssl-proxy-openssl.c | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) diffs (14 lines): diff -r b0c0d11792fc -r f986b56d8e2a src/login-common/ssl-proxy-openssl.c --- a/src/login-common/ssl-proxy-openssl.c Wed Nov 16 22:59:36 2011 +0200 +++ b/src/login-common/ssl-proxy-openssl.c Thu Nov 17 00:41:15 2011 +0200 @@ -857,6 +857,10 @@ else i_info("Valid certificate: %s", buf); } + if (ctx->error == X509_V_ERR_UNABLE_TO_GET_CRL && proxy->client_proxy) { + /* no CRL given with the CA list. don't worry about it. */ + preverify_ok = 1; + } if (!preverify_ok) proxy->cert_broken = TRUE; From dovecot at dovecot.org Thu Nov 17 00:41:51 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 17 Nov 2011 00:41:51 +0200 Subject: dovecot-2.0: login proxy: Don't fail connection if CRL isn't fou... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/4294e9136cd6 changeset: 12979:4294e9136cd6 user: Timo Sirainen date: Thu Nov 17 00:41:15 2011 +0200 description: login proxy: Don't fail connection if CRL isn't found for some certificate. diffstat: src/login-common/ssl-proxy-openssl.c | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) diffs (14 lines): diff -r de8715e4d793 -r 4294e9136cd6 src/login-common/ssl-proxy-openssl.c --- a/src/login-common/ssl-proxy-openssl.c Wed Nov 16 23:40:03 2011 +0200 +++ b/src/login-common/ssl-proxy-openssl.c Thu Nov 17 00:41:15 2011 +0200 @@ -929,6 +929,10 @@ else i_info("Valid certificate: %s", buf); } + if (ctx->error == X509_V_ERR_UNABLE_TO_GET_CRL && proxy->client_proxy) { + /* no CRL given with the CA list. don't worry about it. */ + preverify_ok = 1; + } if (!preverify_ok) proxy->cert_broken = TRUE; From dovecot at dovecot.org Thu Nov 17 00:49:39 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 17 Nov 2011 00:49:39 +0200 Subject: dovecot-2.0: passdb vpopmail: Fix to handling mixed cleartext/cr... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/b99da8b1ecef changeset: 12980:b99da8b1ecef user: Timo Sirainen date: Thu Nov 17 00:49:30 2011 +0200 description: passdb vpopmail: Fix to handling mixed cleartext/crypt passwords. diffstat: src/auth/passdb-vpopmail.c | 25 ++++++++++++++++--------- 1 files changed, 16 insertions(+), 9 deletions(-) diffs (65 lines): diff -r 4294e9136cd6 -r b99da8b1ecef src/auth/passdb-vpopmail.c --- a/src/auth/passdb-vpopmail.c Thu Nov 17 00:41:15 2011 +0200 +++ b/src/auth/passdb-vpopmail.c Thu Nov 17 00:49:30 2011 +0200 @@ -55,7 +55,7 @@ } static char * -vpopmail_password_lookup(struct auth_request *auth_request, bool cleartext, +vpopmail_password_lookup(struct auth_request *auth_request, bool *cleartext, enum passdb_result *result_r) { char vpop_user[VPOPMAIL_LIMIT], vpop_domain[VPOPMAIL_LIMIT]; @@ -75,9 +75,10 @@ password = NULL; *result_r = PASSDB_RESULT_USER_DISABLED; } else { - if (vpw->pw_clear_passwd != NULL) + if (vpw->pw_clear_passwd != NULL) { password = t_strdup_noconst(vpw->pw_clear_passwd); - else if (!cleartext) + *cleartext = TRUE; + } else if (!*cleartext) password = t_strdup_noconst(vpw->pw_passwd); else password = NULL; @@ -99,8 +100,9 @@ { enum passdb_result result; char *password; + bool cleartext = TRUE; - password = vpopmail_password_lookup(request, TRUE, &result); + password = vpopmail_password_lookup(request, &cleartext, &result); if (password == NULL) { callback(result, NULL, 0, request); return; @@ -118,18 +120,23 @@ enum passdb_result result; const char *scheme, *tmp_pass; char *crypted_pass; + bool cleartext; int ret; - crypted_pass = vpopmail_password_lookup(request, FALSE, &result); + crypted_pass = vpopmail_password_lookup(request, &cleartext, &result); if (crypted_pass == NULL) { callback(result, request); return; } + tmp_pass = crypted_pass; - tmp_pass = crypted_pass; - scheme = password_get_scheme(&tmp_pass); - if (scheme == NULL) - scheme = request->passdb->passdb->default_pass_scheme; + if (cleartext) + scheme = "CLEARTEXT"; + else { + scheme = password_get_scheme(&tmp_pass); + if (scheme == NULL) + scheme = request->passdb->passdb->default_pass_scheme; + } ret = auth_request_password_verify(request, password, tmp_pass, scheme, "vpopmail"); From dovecot at dovecot.org Thu Nov 17 00:49:53 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 17 Nov 2011 00:49:53 +0200 Subject: dovecot-2.1: passdb vpopmail: Fix to handling mixed cleartext/cr... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/c4ecdea00e4d changeset: 13719:c4ecdea00e4d user: Timo Sirainen date: Thu Nov 17 00:49:30 2011 +0200 description: passdb vpopmail: Fix to handling mixed cleartext/crypt passwords. diffstat: src/auth/passdb-vpopmail.c | 25 ++++++++++++++++--------- 1 files changed, 16 insertions(+), 9 deletions(-) diffs (65 lines): diff -r f986b56d8e2a -r c4ecdea00e4d src/auth/passdb-vpopmail.c --- a/src/auth/passdb-vpopmail.c Thu Nov 17 00:41:15 2011 +0200 +++ b/src/auth/passdb-vpopmail.c Thu Nov 17 00:49:30 2011 +0200 @@ -55,7 +55,7 @@ } static char * -vpopmail_password_lookup(struct auth_request *auth_request, bool cleartext, +vpopmail_password_lookup(struct auth_request *auth_request, bool *cleartext, enum passdb_result *result_r) { char vpop_user[VPOPMAIL_LIMIT], vpop_domain[VPOPMAIL_LIMIT]; @@ -75,9 +75,10 @@ password = NULL; *result_r = PASSDB_RESULT_USER_DISABLED; } else { - if (vpw->pw_clear_passwd != NULL) + if (vpw->pw_clear_passwd != NULL) { password = t_strdup_noconst(vpw->pw_clear_passwd); - else if (!cleartext) + *cleartext = TRUE; + } else if (!*cleartext) password = t_strdup_noconst(vpw->pw_passwd); else password = NULL; @@ -99,8 +100,9 @@ { enum passdb_result result; char *password; + bool cleartext = TRUE; - password = vpopmail_password_lookup(request, TRUE, &result); + password = vpopmail_password_lookup(request, &cleartext, &result); if (password == NULL) { callback(result, NULL, 0, request); return; @@ -118,18 +120,23 @@ enum passdb_result result; const char *scheme, *tmp_pass; char *crypted_pass; + bool cleartext; int ret; - crypted_pass = vpopmail_password_lookup(request, FALSE, &result); + crypted_pass = vpopmail_password_lookup(request, &cleartext, &result); if (crypted_pass == NULL) { callback(result, request); return; } + tmp_pass = crypted_pass; - tmp_pass = crypted_pass; - scheme = password_get_scheme(&tmp_pass); - if (scheme == NULL) - scheme = request->passdb->passdb->default_pass_scheme; + if (cleartext) + scheme = "CLEARTEXT"; + else { + scheme = password_get_scheme(&tmp_pass); + if (scheme == NULL) + scheme = request->passdb->passdb->default_pass_scheme; + } ret = auth_request_password_verify(request, password, tmp_pass, scheme, "vpopmail"); From dovecot at dovecot.org Thu Nov 17 01:31:21 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 17 Nov 2011 01:31:21 +0200 Subject: dovecot-2.0: Released v2.0.16. Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/7a321a6a96d9 changeset: 12981:7a321a6a96d9 user: Timo Sirainen date: Thu Nov 17 01:00:46 2011 +0200 description: Released v2.0.16. diffstat: NEWS | 20 ++++++++++++++++++++ configure.in | 2 +- 2 files changed, 21 insertions(+), 1 deletions(-) diffs (37 lines): diff -r b99da8b1ecef -r 7a321a6a96d9 NEWS --- a/NEWS Thu Nov 17 00:49:30 2011 +0200 +++ b/NEWS Thu Nov 17 01:00:46 2011 +0200 @@ -1,3 +1,23 @@ +v2.0.16 2011-11-17 Timo Sirainen + + * VSZ limits weren't being enforced for any processes. On server with + large mailboxes you may now see errors about it if the limits aren't + high enough. To fix them, either increase individual service { + vsz_limit } values or simply increase the default_vsz_limit setting. + * Proxying: If using ssl=yes or starttls=yes with a hostname (not IP) + as proxy destination, require that the certificate matches the given + hostname. + * LMTP: Changed default client_limit to 1. This should improve LMTP + throughput with default settings. + * dsync: Quota is no longer enforced (i.e. dsync can't fail because + user is over quota). + + + Added "auto" mail storage driver, which can be used to autodetect + mailbox location and format. This behavior is already the default + for empty mail_location setting, so this change is mainly useful for + shared namespace's location setting. + + checkpassword: Export all auth %variables to AUTH_* environment. + v2.0.15 2011-09-16 Timo Sirainen + doveadm altmove: Added -r parameter to move mails back to primary diff -r b99da8b1ecef -r 7a321a6a96d9 configure.in --- a/configure.in Thu Nov 17 00:49:30 2011 +0200 +++ b/configure.in Thu Nov 17 01:00:46 2011 +0200 @@ -1,5 +1,5 @@ AC_PREREQ([2.59]) -AC_INIT([Dovecot],[2.0.15],[dovecot at dovecot.org]) +AC_INIT([Dovecot],[2.0.16],[dovecot at dovecot.org]) AC_CONFIG_SRCDIR([src]) AM_INIT_AUTOMAKE([foreign]) From dovecot at dovecot.org Thu Nov 17 01:31:21 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 17 Nov 2011 01:31:21 +0200 Subject: dovecot-2.0: Added tag 2.0.16 for changeset 7a321a6a96d9 Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/9be0f90aa624 changeset: 12982:9be0f90aa624 user: Timo Sirainen date: Thu Nov 17 01:00:48 2011 +0200 description: Added tag 2.0.16 for changeset 7a321a6a96d9 diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r 7a321a6a96d9 -r 9be0f90aa624 .hgtags --- a/.hgtags Thu Nov 17 01:00:46 2011 +0200 +++ b/.hgtags Thu Nov 17 01:00:48 2011 +0200 @@ -66,3 +66,4 @@ aa8dfa085a99b5c6e1bb6d304adc67b8a199c63a 2.0.13 aa68f38c04f080fe4d3142fb3f73425b78ef98bd 2.0.14 11ef524500964054ae8e4e6150f890b1864139eb 2.0.15 +7a321a6a96d9d0bd345685f822ba1751334e7402 2.0.16 From dovecot at dovecot.org Thu Nov 17 01:31:21 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 17 Nov 2011 01:31:21 +0200 Subject: dovecot-2.0: Added signature for changeset 7a321a6a96d9 Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/e93b1044f59e changeset: 12983:e93b1044f59e user: Timo Sirainen date: Thu Nov 17 01:00:51 2011 +0200 description: Added signature for changeset 7a321a6a96d9 diffstat: .hgsigs | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r 9be0f90aa624 -r e93b1044f59e .hgsigs --- a/.hgsigs Thu Nov 17 01:00:48 2011 +0200 +++ b/.hgsigs Thu Nov 17 01:00:51 2011 +0200 @@ -29,3 +29,4 @@ aa8dfa085a99b5c6e1bb6d304adc67b8a199c63a 0 iEYEABECAAYFAk3KpGwACgkQyUhSUUBVismbmQCfTKfNrQnIy2cIQCYUE7zFrRl6nvgAnAu5W0iAfzKwFEAGtnGj1h+D+tY0 aa68f38c04f080fe4d3142fb3f73425b78ef98bd 0 iEYEABECAAYFAk5bEKIACgkQyUhSUUBVislRhwCePWvqh3c+EitvNe1XlMqxpwWvDDgAoJKjDnmLwk0U62IhIQ+x90DEIgl6 11ef524500964054ae8e4e6150f890b1864139eb 0 iEYEABECAAYFAk5zUvIACgkQyUhSUUBVisnDTgCdHVHSwKeZjHV4KrlTmqipFoO26mkAoIMqPTna3Y1ETIGnPq6XRCB90C8p +7a321a6a96d9d0bd345685f822ba1751334e7402 0 iEYEABECAAYFAk7EQKAACgkQyUhSUUBVisld+ACbBWyJWJmyfyvb6mpvdGnHg6tl5eUAni8p1sYBzklUoFwwfe3CGUOyHiB9 From dovecot at dovecot.org Thu Nov 17 02:03:07 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 17 Nov 2011 02:03:07 +0200 Subject: dovecot-2.0: login: Fixed a memory leak when SSL client connecti... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/7cc727b4c269 changeset: 12984:7cc727b4c269 user: Timo Sirainen date: Thu Nov 17 02:02:30 2011 +0200 description: login: Fixed a memory leak when SSL client connection was closed uncleanly. diffstat: src/login-common/ssl-proxy-openssl.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (11 lines): diff -r e93b1044f59e -r 7cc727b4c269 src/login-common/ssl-proxy-openssl.c --- a/src/login-common/ssl-proxy-openssl.c Thu Nov 17 01:00:51 2011 +0200 +++ b/src/login-common/ssl-proxy-openssl.c Thu Nov 17 02:02:30 2011 +0200 @@ -835,6 +835,7 @@ if (proxy->client != NULL) client_unref(&proxy->client); + i_free(proxy->last_error); i_free(proxy); } From dovecot at dovecot.org Thu Nov 17 02:03:17 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 17 Nov 2011 02:03:17 +0200 Subject: dovecot-2.1: login: Fixed a memory leak when SSL client connecti... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/81eff56d8bc1 changeset: 13720:81eff56d8bc1 user: Timo Sirainen date: Thu Nov 17 02:02:30 2011 +0200 description: login: Fixed a memory leak when SSL client connection was closed uncleanly. diffstat: src/login-common/ssl-proxy-openssl.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (11 lines): diff -r c4ecdea00e4d -r 81eff56d8bc1 src/login-common/ssl-proxy-openssl.c --- a/src/login-common/ssl-proxy-openssl.c Thu Nov 17 00:49:30 2011 +0200 +++ b/src/login-common/ssl-proxy-openssl.c Thu Nov 17 02:02:30 2011 +0200 @@ -763,6 +763,7 @@ if (proxy->client != NULL) client_unref(&proxy->client); + i_free(proxy->last_error); i_free(proxy); } From dovecot at dovecot.org Fri Nov 18 16:17:05 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 18 Nov 2011 16:17:05 +0200 Subject: dovecot-2.1: login: Minor potential authentication fix when serv... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/80558d1b7040 changeset: 13721:80558d1b7040 user: Timo Sirainen date: Fri Nov 18 15:52:23 2011 +0200 description: login: Minor potential authentication fix when service_count>1 diffstat: src/login-common/client-common.c | 7 ++++--- src/login-common/login-common.h | 1 + src/login-common/main.c | 2 ++ 3 files changed, 7 insertions(+), 3 deletions(-) diffs (49 lines): diff -r 81eff56d8bc1 -r 80558d1b7040 src/login-common/client-common.c --- a/src/login-common/client-common.c Thu Nov 17 02:02:30 2011 +0200 +++ b/src/login-common/client-common.c Fri Nov 18 15:52:23 2011 +0200 @@ -156,11 +156,12 @@ if (client->ssl_proxy != NULL) ssl_proxy_free(&client->ssl_proxy); client->v.destroy(client); - if (client_unref(&client) && - master_service_get_service_count(master_service) == 1) { + if (client_unref(&client) && initial_service_count == 1) { /* as soon as this connection is done with proxying (or whatever), the process will die. there's no need for - authentication anymore, so close the connection. */ + authentication anymore, so close the connection. + do this only with initial service_count=1, in case there + are other clients with pending authentications */ auth_client_disconnect(auth_client); } login_client_destroyed(); diff -r 81eff56d8bc1 -r 80558d1b7040 src/login-common/login-common.h --- a/src/login-common/login-common.h Thu Nov 17 02:02:30 2011 +0200 +++ b/src/login-common/login-common.h Fri Nov 18 15:52:23 2011 +0200 @@ -35,6 +35,7 @@ extern bool closing_down; extern struct anvil_client *anvil; extern const char *login_rawlog_dir; +extern unsigned int initial_service_count; extern const struct login_settings *global_login_settings; extern void **global_other_settings; diff -r 81eff56d8bc1 -r 80558d1b7040 src/login-common/main.c --- a/src/login-common/main.c Thu Nov 17 02:02:30 2011 +0200 +++ b/src/login-common/main.c Fri Nov 18 15:52:23 2011 +0200 @@ -37,6 +37,7 @@ bool closing_down; struct anvil_client *anvil; const char *login_rawlog_dir = NULL; +unsigned int initial_service_count; const struct login_settings *global_login_settings; void **global_other_settings; @@ -286,6 +287,7 @@ restrict_access_by_env(NULL, TRUE); if (allow_core_dumps) restrict_access_allow_coredumps(TRUE); + initial_service_count = master_service_get_service_count(master_service); } static void main_init(const char *login_socket) From dovecot at dovecot.org Fri Nov 18 16:17:05 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 18 Nov 2011 16:17:05 +0200 Subject: dovecot-2.1: auth: Log a warning if auth client disconnects whil... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/2ecd0e90402a changeset: 13722:2ecd0e90402a user: Timo Sirainen date: Fri Nov 18 16:15:24 2011 +0200 description: auth: Log a warning if auth client disconnects while it still has pending requests. diffstat: src/auth/auth-client-connection.c | 34 ++++++++++++++++++++++++++++++---- src/auth/auth-request-handler.c | 6 ++++++ src/auth/auth-request-handler.h | 2 ++ 3 files changed, 38 insertions(+), 4 deletions(-) diffs (107 lines): diff -r 80558d1b7040 -r 2ecd0e90402a src/auth/auth-client-connection.c --- a/src/auth/auth-client-connection.c Fri Nov 18 15:52:23 2011 +0200 +++ b/src/auth/auth-client-connection.c Fri Nov 18 16:15:24 2011 +0200 @@ -26,6 +26,7 @@ static ARRAY_DEFINE(auth_client_connections, struct auth_client_connection *); +static void auth_client_disconnected(struct auth_client_connection **_conn); static void auth_client_connection_unref(struct auth_client_connection **_conn); static void auth_client_input(struct auth_client_connection *conn); @@ -100,7 +101,7 @@ see if the old connection is still there. */ i_assert(old != conn); if (i_stream_read(old->input) == -1) { - auth_client_connection_destroy(&old); + auth_client_disconnected(&old); old = NULL; } } @@ -128,7 +129,7 @@ static int auth_client_output(struct auth_client_connection *conn) { if (o_stream_flush(conn->output) < 0) { - auth_client_connection_destroy(&conn); + auth_client_disconnected(&conn); return 1; } @@ -221,7 +222,7 @@ return; case -1: /* disconnected */ - auth_client_connection_destroy(&conn); + auth_client_disconnected(&conn); return; case -2: /* buffer full */ @@ -314,7 +315,7 @@ str_append(str, "\nDONE\n"); if (o_stream_send(conn->output, str_data(str), str_len(str)) < 0) - auth_client_connection_destroy(&conn); + auth_client_disconnected(&conn); return conn; } @@ -356,6 +357,31 @@ auth_client_connection_unref(&conn); } +static void auth_client_disconnected(struct auth_client_connection **_conn) +{ + struct auth_client_connection *conn = *_conn; + unsigned int request_count; + int err; + + *_conn = NULL; + + if (conn->input->stream_errno != 0) + err = conn->input->stream_errno; + else if (conn->output->stream_errno != 0) + err = conn->output->stream_errno; + else + err = 0; + + request_count = conn->request_handler == NULL ? 0 : + auth_request_handler_get_request_count(conn->request_handler); + if (request_count > 0) { + i_warning("auth client %u disconnected with %u " + "pending requests: %s", conn->pid, request_count, + err == 0 ? "EOF" : strerror(err)); + } + auth_client_connection_destroy(&conn); +} + static void auth_client_connection_unref(struct auth_client_connection **_conn) { struct auth_client_connection *conn = *_conn; diff -r 80558d1b7040 -r 2ecd0e90402a src/auth/auth-request-handler.c --- a/src/auth/auth-request-handler.c Fri Nov 18 15:52:23 2011 +0200 +++ b/src/auth/auth-request-handler.c Fri Nov 18 16:15:24 2011 +0200 @@ -59,6 +59,12 @@ return handler; } +unsigned int +auth_request_handler_get_request_count(struct auth_request_handler *handler) +{ + return hash_table_count(handler->requests); +} + void auth_request_handler_abort_requests(struct auth_request_handler *handler) { struct hash_iterate_context *iter; diff -r 80558d1b7040 -r 2ecd0e90402a src/auth/auth-request-handler.h --- a/src/auth/auth-request-handler.h Fri Nov 18 15:52:23 2011 +0200 +++ b/src/auth/auth-request-handler.h Fri Nov 18 16:15:24 2011 +0200 @@ -46,6 +46,8 @@ const void *reply, size_t reply_size); void auth_request_handler_reply_continue(struct auth_request *request, const void *reply, size_t reply_size); +unsigned int +auth_request_handler_get_request_count(struct auth_request_handler *handler); bool auth_request_handler_master_request(struct auth_request_handler *handler, struct auth_master_connection *master, unsigned int id, From dovecot at dovecot.org Fri Nov 18 16:17:05 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 18 Nov 2011 16:17:05 +0200 Subject: dovecot-2.1: login: Differentiate between auth failure and auth ... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/dd66ea0e7d00 changeset: 13723:dd66ea0e7d00 user: Timo Sirainen date: Fri Nov 18 16:16:34 2011 +0200 description: login: Differentiate between auth failure and auth process communication failure. Log a warning if auth connection dies. diffstat: src/lib-auth/auth-client-request.c | 4 +++- src/lib-auth/auth-client.h | 2 ++ src/lib-auth/auth-server-connection.c | 5 +++-- src/login-common/client-common.c | 2 ++ src/login-common/client-common.h | 1 + src/login-common/sasl-server.c | 4 ++++ 6 files changed, 15 insertions(+), 3 deletions(-) diffs (93 lines): diff -r 2ecd0e90402a -r dd66ea0e7d00 src/lib-auth/auth-client-request.c --- a/src/lib-auth/auth-client-request.c Fri Nov 18 16:15:24 2011 +0200 +++ b/src/lib-auth/auth-client-request.c Fri Nov 18 16:16:34 2011 +0200 @@ -133,7 +133,7 @@ *_request = NULL; auth_client_send_cancel(request->conn->client, request->id); - call_callback(request, AUTH_REQUEST_STATUS_FAIL, NULL, NULL); + call_callback(request, AUTH_REQUEST_STATUS_ABORT, NULL, NULL); } unsigned int auth_client_request_get_id(struct auth_client_request *request) @@ -182,6 +182,8 @@ args = NULL; break; case AUTH_REQUEST_STATUS_FAIL: + case AUTH_REQUEST_STATUS_INTERNAL_FAIL: + case AUTH_REQUEST_STATUS_ABORT: break; } diff -r 2ecd0e90402a -r dd66ea0e7d00 src/lib-auth/auth-client.h --- a/src/lib-auth/auth-client.h Fri Nov 18 16:15:24 2011 +0200 +++ b/src/lib-auth/auth-client.h Fri Nov 18 16:16:34 2011 +0200 @@ -15,6 +15,8 @@ }; enum auth_request_status { + AUTH_REQUEST_STATUS_ABORT = -3, + AUTH_REQUEST_STATUS_INTERNAL_FAIL = -2, AUTH_REQUEST_STATUS_FAIL = -1, AUTH_REQUEST_STATUS_CONTINUE, AUTH_REQUEST_STATUS_OK diff -r 2ecd0e90402a -r dd66ea0e7d00 src/lib-auth/auth-server-connection.c --- a/src/lib-auth/auth-server-connection.c Fri Nov 18 16:15:24 2011 +0200 +++ b/src/lib-auth/auth-server-connection.c Fri Nov 18 16:16:34 2011 +0200 @@ -243,6 +243,7 @@ return; case -1: /* disconnected */ + i_error("Authentication server disconnected, reconnecting"); auth_server_connection_reconnect(conn); return; case -2: @@ -314,8 +315,8 @@ struct auth_client_request *request = value; auth_client_request_server_input(request, - AUTH_REQUEST_STATUS_FAIL, - temp_failure_args); + AUTH_REQUEST_STATUS_INTERNAL_FAIL, + temp_failure_args); } hash_table_iterate_deinit(&iter); hash_table_clear(conn->requests, FALSE); diff -r 2ecd0e90402a -r dd66ea0e7d00 src/login-common/client-common.c --- a/src/login-common/client-common.c Fri Nov 18 16:15:24 2011 +0200 +++ b/src/login-common/client-common.c Fri Nov 18 16:16:34 2011 +0200 @@ -539,6 +539,8 @@ } if (client->auth_try_aborted && client->auth_attempts == 1) return "(aborted authentication)"; + if (client->auth_process_comm_fail) + return "(auth process communication failure)"; if (client->auth_successes > 0) { return t_strdup_printf("(internal failure, %u succesful auths)", diff -r 2ecd0e90402a -r dd66ea0e7d00 src/login-common/client-common.h --- a/src/login-common/client-common.h Fri Nov 18 16:15:24 2011 +0200 +++ b/src/login-common/client-common.h Fri Nov 18 16:16:34 2011 +0200 @@ -125,6 +125,7 @@ unsigned int auth_tried_unsupported_mech:1; unsigned int auth_try_aborted:1; unsigned int auth_initializing:1; + unsigned int auth_process_comm_fail:1; /* ... */ }; diff -r 2ecd0e90402a -r dd66ea0e7d00 src/login-common/sasl-server.c --- a/src/login-common/sasl-server.c Fri Nov 18 16:15:24 2011 +0200 +++ b/src/login-common/sasl-server.c Fri Nov 18 16:16:34 2011 +0200 @@ -245,7 +245,11 @@ anvil_check_too_many_connections(client, request); } break; + case AUTH_REQUEST_STATUS_INTERNAL_FAIL: + client->auth_process_comm_fail = TRUE; + /* fall through */ case AUTH_REQUEST_STATUS_FAIL: + case AUTH_REQUEST_STATUS_ABORT: client->auth_request = NULL; if (args != NULL) { From dovecot at dovecot.org Fri Nov 18 16:22:54 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 18 Nov 2011 16:22:54 +0200 Subject: dovecot-2.1: login: Added assert. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/dafa6dc27398 changeset: 13724:dafa6dc27398 user: Timo Sirainen date: Fri Nov 18 16:22:44 2011 +0200 description: login: Added assert. diffstat: src/login-common/main.c | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diffs (12 lines): diff -r dd66ea0e7d00 -r dafa6dc27398 src/login-common/main.c --- a/src/login-common/main.c Fri Nov 18 16:16:34 2011 +0200 +++ b/src/login-common/main.c Fri Nov 18 16:22:44 2011 +0200 @@ -71,6 +71,8 @@ static void auth_client_idle_timeout(struct auth_client *auth_client) { + i_assert(clients == NULL); + auth_client_disconnect(auth_client); timeout_remove(&auth_client_to); } From dovecot at dovecot.org Fri Nov 18 21:31:37 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 18 Nov 2011 21:31:37 +0200 Subject: dovecot-2.1: login proxy: Added ssl_client_cert/key settings. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/700e92b43c74 changeset: 13725:700e92b43c74 user: Timo Sirainen date: Fri Nov 18 21:31:15 2011 +0200 description: login proxy: Added ssl_client_cert/key settings. The client cert is used sent to proxy destination server when SSL is used. diffstat: src/login-common/login-settings.c | 4 +++ src/login-common/login-settings.h | 2 + src/login-common/ssl-proxy-openssl.c | 38 +++++++++++++++++++++++++++++------ 3 files changed, 37 insertions(+), 7 deletions(-) diffs (111 lines): diff -r dafa6dc27398 -r 700e92b43c74 src/login-common/login-settings.c --- a/src/login-common/login-settings.c Fri Nov 18 16:22:44 2011 +0200 +++ b/src/login-common/login-settings.c Fri Nov 18 21:31:15 2011 +0200 @@ -33,6 +33,8 @@ DEF(SET_STR, ssl_cipher_list), DEF(SET_STR, ssl_protocols), DEF(SET_STR, ssl_cert_username_field), + DEF(SET_STR, ssl_client_cert), + DEF(SET_STR, ssl_client_key), DEF(SET_BOOL, ssl_verify_client_cert), DEF(SET_BOOL, auth_ssl_require_client_cert), DEF(SET_BOOL, auth_ssl_username_from_cert), @@ -63,6 +65,8 @@ .ssl_cipher_list = "ALL:!LOW:!SSLv2:!EXP:!aNULL", .ssl_protocols = "!SSLv2", .ssl_cert_username_field = "commonName", + .ssl_client_cert = "", + .ssl_client_key = "", .ssl_verify_client_cert = FALSE, .auth_ssl_require_client_cert = FALSE, .auth_ssl_username_from_cert = FALSE, diff -r dafa6dc27398 -r 700e92b43c74 src/login-common/login-settings.h --- a/src/login-common/login-settings.h Fri Nov 18 16:22:44 2011 +0200 +++ b/src/login-common/login-settings.h Fri Nov 18 21:31:15 2011 +0200 @@ -15,6 +15,8 @@ const char *ssl_cipher_list; const char *ssl_protocols; const char *ssl_cert_username_field; + const char *ssl_client_cert; + const char *ssl_client_key; bool ssl_verify_client_cert; bool auth_ssl_require_client_cert; bool auth_ssl_username_from_cert; diff -r dafa6dc27398 -r 700e92b43c74 src/login-common/ssl-proxy-openssl.c --- a/src/login-common/ssl-proxy-openssl.c Fri Nov 18 16:22:44 2011 +0200 +++ b/src/login-common/ssl-proxy-openssl.c Fri Nov 18 21:31:15 2011 +0200 @@ -993,20 +993,17 @@ } } -static EVP_PKEY *ssl_proxy_load_key(const struct login_settings *set) +static EVP_PKEY * +ssl_proxy_load_key(const char *key, const char *password) { EVP_PKEY *pkey; BIO *bio; - const char *password; char *dup_password; - bio = BIO_new_mem_buf(t_strdup_noconst(set->ssl_key), - strlen(set->ssl_key)); + bio = BIO_new_mem_buf(t_strdup_noconst(key), strlen(key)); if (bio == NULL) i_fatal("BIO_new_mem_buf() failed"); - password = *set->ssl_key_password != '\0' ? set->ssl_key_password : - getenv(MASTER_SSL_KEY_PASSWORD_ENV); dup_password = t_strdup_noconst(password); pkey = PEM_read_bio_PrivateKey(bio, NULL, pem_password_callback, dup_password); @@ -1030,8 +1027,11 @@ static void ssl_proxy_ctx_use_key(SSL_CTX *ctx, const struct login_settings *set) { EVP_PKEY *pkey; + const char *password; - pkey = ssl_proxy_load_key(set); + password = *set->ssl_key_password != '\0' ? set->ssl_key_password : + getenv(MASTER_SSL_KEY_PASSWORD_ENV); + pkey = ssl_proxy_load_key(set->ssl_key, password); if (SSL_CTX_use_PrivateKey(ctx, pkey) != 1) i_fatal("Can't load private ssl_key: %s", ssl_key_load_error()); EVP_PKEY_free(pkey); @@ -1227,6 +1227,28 @@ pool_unref(&ctx->pool); } +static void +ssl_proxy_client_ctx_set_client_cert(SSL_CTX *ctx, + const struct login_settings *set) +{ + EVP_PKEY *pkey; + + if (*set->ssl_client_cert == '\0') + return; + + if (ssl_proxy_ctx_use_certificate_chain(ctx, set->ssl_client_cert) != 1) { + i_fatal("Can't load ssl_client_cert: %s", + ssl_proxy_get_use_certificate_error(set->ssl_client_cert)); + } + + pkey = ssl_proxy_load_key(set->ssl_client_key, NULL); + if (SSL_CTX_use_PrivateKey(ctx, pkey) != 1) { + i_fatal("Can't load private ssl_client_key: %s", + ssl_key_load_error()); + } + EVP_PKEY_free(pkey); +} + static void ssl_proxy_init_client(const struct login_settings *set) { STACK_OF(X509_NAME) *xnames; @@ -1235,6 +1257,8 @@ i_fatal("SSL_CTX_new() failed"); xnames = ssl_proxy_ctx_init(ssl_client_ctx, set); ssl_proxy_ctx_verify_client(ssl_client_ctx, xnames); + + ssl_proxy_client_ctx_set_client_cert(ssl_client_ctx, set); } void ssl_proxy_init(void) From dovecot at dovecot.org Fri Nov 18 21:33:50 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 18 Nov 2011 21:33:50 +0200 Subject: dovecot-2.0: login proxy: Added ssl_client_cert/key settings. Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/0c1e9bc8bc19 changeset: 12985:0c1e9bc8bc19 user: Timo Sirainen date: Fri Nov 18 21:31:15 2011 +0200 description: login proxy: Added ssl_client_cert/key settings. The client cert is used sent to proxy destination server when SSL is used. diffstat: src/login-common/login-settings.c | 4 +++ src/login-common/login-settings.h | 2 + src/login-common/ssl-proxy-openssl.c | 38 +++++++++++++++++++++++++++++------ 3 files changed, 37 insertions(+), 7 deletions(-) diffs (111 lines): diff -r 7cc727b4c269 -r 0c1e9bc8bc19 src/login-common/login-settings.c --- a/src/login-common/login-settings.c Thu Nov 17 02:02:30 2011 +0200 +++ b/src/login-common/login-settings.c Fri Nov 18 21:31:15 2011 +0200 @@ -32,6 +32,8 @@ DEF(SET_STR, ssl_key_password), DEF(SET_STR, ssl_cipher_list), DEF(SET_STR, ssl_cert_username_field), + DEF(SET_STR, ssl_client_cert), + DEF(SET_STR, ssl_client_key), DEF(SET_BOOL, ssl_verify_client_cert), DEF(SET_BOOL, auth_ssl_require_client_cert), DEF(SET_BOOL, auth_ssl_username_from_cert), @@ -61,6 +63,8 @@ .ssl_key_password = "", .ssl_cipher_list = "ALL:!LOW:!SSLv2:!EXP:!aNULL", .ssl_cert_username_field = "commonName", + .ssl_client_cert = "", + .ssl_client_key = "", .ssl_verify_client_cert = FALSE, .auth_ssl_require_client_cert = FALSE, .auth_ssl_username_from_cert = FALSE, diff -r 7cc727b4c269 -r 0c1e9bc8bc19 src/login-common/login-settings.h --- a/src/login-common/login-settings.h Thu Nov 17 02:02:30 2011 +0200 +++ b/src/login-common/login-settings.h Fri Nov 18 21:31:15 2011 +0200 @@ -14,6 +14,8 @@ const char *ssl_key_password; const char *ssl_cipher_list; const char *ssl_cert_username_field; + const char *ssl_client_cert; + const char *ssl_client_key; bool ssl_verify_client_cert; bool auth_ssl_require_client_cert; bool auth_ssl_username_from_cert; diff -r 7cc727b4c269 -r 0c1e9bc8bc19 src/login-common/ssl-proxy-openssl.c --- a/src/login-common/ssl-proxy-openssl.c Thu Nov 17 02:02:30 2011 +0200 +++ b/src/login-common/ssl-proxy-openssl.c Fri Nov 18 21:31:15 2011 +0200 @@ -1062,20 +1062,17 @@ } } -static EVP_PKEY *ssl_proxy_load_key(const struct login_settings *set) +static EVP_PKEY * +ssl_proxy_load_key(const char *key, const char *password) { EVP_PKEY *pkey; BIO *bio; - const char *password; char *dup_password; - bio = BIO_new_mem_buf(t_strdup_noconst(set->ssl_key), - strlen(set->ssl_key)); + bio = BIO_new_mem_buf(t_strdup_noconst(key), strlen(key)); if (bio == NULL) i_fatal("BIO_new_mem_buf() failed"); - password = *set->ssl_key_password != '\0' ? set->ssl_key_password : - getenv(MASTER_SSL_KEY_PASSWORD_ENV); dup_password = t_strdup_noconst(password); pkey = PEM_read_bio_PrivateKey(bio, NULL, pem_password_callback, dup_password); @@ -1099,8 +1096,11 @@ static void ssl_proxy_ctx_use_key(SSL_CTX *ctx, const struct login_settings *set) { EVP_PKEY *pkey; + const char *password; - pkey = ssl_proxy_load_key(set); + password = *set->ssl_key_password != '\0' ? set->ssl_key_password : + getenv(MASTER_SSL_KEY_PASSWORD_ENV); + pkey = ssl_proxy_load_key(set->ssl_key, password); if (SSL_CTX_use_PrivateKey(ctx, pkey) != 1) i_fatal("Can't load private ssl_key: %s", ssl_key_load_error()); EVP_PKEY_free(pkey); @@ -1243,6 +1243,28 @@ pool_unref(&ctx->pool); } +static void +ssl_proxy_client_ctx_set_client_cert(SSL_CTX *ctx, + const struct login_settings *set) +{ + EVP_PKEY *pkey; + + if (*set->ssl_client_cert == '\0') + return; + + if (ssl_proxy_ctx_use_certificate_chain(ctx, set->ssl_client_cert) != 1) { + i_fatal("Can't load ssl_client_cert: %s", + ssl_proxy_get_use_certificate_error(set->ssl_client_cert)); + } + + pkey = ssl_proxy_load_key(set->ssl_client_key, NULL); + if (SSL_CTX_use_PrivateKey(ctx, pkey) != 1) { + i_fatal("Can't load private ssl_client_key: %s", + ssl_key_load_error()); + } + EVP_PKEY_free(pkey); +} + static void ssl_proxy_init_client(const struct login_settings *set) { STACK_OF(X509_NAME) *xnames; @@ -1251,6 +1273,8 @@ i_fatal("SSL_CTX_new() failed"); xnames = ssl_proxy_ctx_init(ssl_client_ctx, set); ssl_proxy_ctx_verify_client(ssl_client_ctx, xnames); + + ssl_proxy_client_ctx_set_client_cert(ssl_client_ctx, set); } void ssl_proxy_init(void) From dovecot at dovecot.org Fri Nov 18 21:37:47 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 18 Nov 2011 21:37:47 +0200 Subject: dovecot-2.1: lib-master: Set service/client limits already in ma... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/c6f5203bf59f changeset: 13726:c6f5203bf59f user: Timo Sirainen date: Fri Nov 18 21:35:52 2011 +0200 description: lib-master: Set service/client limits already in master_service_init() diffstat: src/lib-master/master-service.c | 85 +++++++++++++++++++--------------------- 1 files changed, 41 insertions(+), 44 deletions(-) diffs (134 lines): diff -r 700e92b43c74 -r c6f5203bf59f src/lib-master/master-service.c --- a/src/lib-master/master-service.c Fri Nov 18 21:31:15 2011 +0200 +++ b/src/lib-master/master-service.c Fri Nov 18 21:35:52 2011 +0200 @@ -101,7 +101,8 @@ int *argc, char **argv[], const char *getopt_str) { struct master_service *service; - const char *str; + const char *value; + unsigned int count; i_assert(name != NULL); @@ -110,8 +111,8 @@ (flags & MASTER_SERVICE_FLAG_STANDALONE) == 0) { int count; - str = getenv("SOCKET_COUNT"); - count = str == NULL ? 0 : atoi(str); + value = getenv("SOCKET_COUNT"); + count = value == NULL ? 0 : atoi(value); fd_debug_verify_leaks(MASTER_LISTEN_FD_FIRST + count, 1024); } #endif @@ -165,12 +166,12 @@ } else { service->version_string = PACKAGE_VERSION; } - str = getenv("SOCKET_COUNT"); - if (str != NULL) - service->socket_count = atoi(str); - str = getenv("SSL_SOCKET_COUNT"); - if (str != NULL) - service->ssl_socket_count = atoi(str); + value = getenv("SOCKET_COUNT"); + if (value != NULL) + service->socket_count = atoi(value); + value = getenv("SSL_SOCKET_COUNT"); + if (value != NULL) + service->ssl_socket_count = atoi(value); /* set up some kind of logging until we know exactly how and where we want to log */ @@ -183,6 +184,37 @@ i_set_failure_prefix(t_strdup_printf("%s: ", name)); } + if ((flags & MASTER_SERVICE_FLAG_STANDALONE) == 0) { + /* initialize master_status structure */ + value = getenv(MASTER_UID_ENV); + if (value == NULL || + str_to_uint(value, &service->master_status.uid) < 0) + i_fatal(MASTER_UID_ENV" missing"); + service->master_status.pid = getpid(); + + /* set the default limit */ + value = getenv(MASTER_CLIENT_LIMIT_ENV); + if (value == NULL || str_to_uint(value, &count) < 0 || + count == 0) + i_fatal(MASTER_CLIENT_LIMIT_ENV" missing"); + master_service_set_client_limit(service, count); + + /* seve the process limit */ + value = getenv(MASTER_PROCESS_LIMIT_ENV); + if (value != NULL && str_to_uint(value, &count) == 0 && + count > 0) + service->process_limit = count; + + /* set the default service count */ + value = getenv(MASTER_SERVICE_COUNT_ENV); + if (value != NULL && str_to_uint(value, &count) == 0 && + count > 0) + master_service_set_service_count(service, count); + } else { + master_service_set_client_limit(service, 1); + master_service_set_service_count(service, 1); + } + master_service_verify_version_string(service); return service; } @@ -346,11 +378,6 @@ { enum libsig_flags sigint_flags = LIBSIG_FLAG_DELAYED; struct stat st; - const char *value; - unsigned int count; - - i_assert(service->total_available_count == 0); - i_assert(service->service_count_left == (unsigned int)-1); /* set default signal handlers */ lib_signals_init(); @@ -367,40 +394,10 @@ if (fstat(MASTER_STATUS_FD, &st) < 0 || !S_ISFIFO(st.st_mode)) i_fatal("Must be started by dovecot master process"); - /* initialize master_status structure */ - value = getenv(MASTER_UID_ENV); - if (value == NULL || - str_to_uint(value, &service->master_status.uid) < 0) - i_fatal(MASTER_UID_ENV" missing"); - service->master_status.pid = getpid(); - - /* set the default limit */ - value = getenv(MASTER_CLIENT_LIMIT_ENV); - if (value == NULL || str_to_uint(value, &count) < 0 || - count == 0) - i_fatal(MASTER_CLIENT_LIMIT_ENV" missing"); - master_service_set_client_limit(service, count); - - /* seve the process limit */ - value = getenv(MASTER_PROCESS_LIMIT_ENV); - if (value != NULL && str_to_uint(value, &count) == 0 && - count > 0) - service->process_limit = count; - - /* set the default service count */ - value = getenv(MASTER_SERVICE_COUNT_ENV); - if (value != NULL && str_to_uint(value, &count) == 0 && - count > 0) - master_service_set_service_count(service, count); - /* start listening errors for status fd, it means master died */ service->io_status_error = io_add(MASTER_DEAD_FD, IO_ERROR, master_status_error, service); - } else { - master_service_set_client_limit(service, 1); - master_service_set_service_count(service, 1); } - master_service_io_listeners_add(service); if ((service->flags & MASTER_SERVICE_FLAG_STD_CLIENT) != 0) { From dovecot at dovecot.org Fri Nov 18 21:37:47 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 18 Nov 2011 21:37:47 +0200 Subject: dovecot-2.1: login: Call master_service_init_finish() later. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/ba1f99456742 changeset: 13727:ba1f99456742 user: Timo Sirainen date: Fri Nov 18 21:37:34 2011 +0200 description: login: Call master_service_init_finish() later. This prevents automatic infinite process respawns if SSL initialization fails. diffstat: src/login-common/main.c | 4 +--- 1 files changed, 1 insertions(+), 3 deletions(-) diffs (15 lines): diff -r c6f5203bf59f -r ba1f99456742 src/login-common/main.c --- a/src/login-common/main.c Fri Nov 18 21:35:52 2011 +0200 +++ b/src/login-common/main.c Fri Nov 18 21:37:34 2011 +0200 @@ -382,10 +382,8 @@ login_settings_read(set_pool, NULL, NULL, NULL, &global_other_settings); - /* main_preinit() needs to know the client limit, which is set by - this. so call it first. */ + main_preinit(allow_core_dumps); master_service_init_finish(master_service); - main_preinit(allow_core_dumps); main_init(login_socket); master_service_run(master_service, client_connected); From dovecot at dovecot.org Fri Nov 18 22:07:52 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 18 Nov 2011 22:07:52 +0200 Subject: dovecot-2.0: auth: Don't allow auth clients to set internal auth... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/a28757b3f97a changeset: 12986:a28757b3f97a user: Timo Sirainen date: Fri Nov 18 22:07:16 2011 +0200 description: auth: Don't allow auth clients to set internal auth request fields. This could have allowed attacker to bypass authentication if login process was first successfully attacked to allow arbitrary code execution. diffstat: src/auth/auth-master-connection.c | 2 +- src/auth/auth-request-handler.c | 2 +- src/auth/auth-request.c | 72 ++++++++++++++++++++++++++------------ src/auth/auth-request.h | 4 ++ 4 files changed, 55 insertions(+), 25 deletions(-) diffs (131 lines): diff -r 0c1e9bc8bc19 -r a28757b3f97a src/auth/auth-master-connection.c --- a/src/auth/auth-master-connection.c Fri Nov 18 21:31:15 2011 +0200 +++ b/src/auth/auth-master-connection.c Fri Nov 18 22:07:16 2011 +0200 @@ -147,7 +147,7 @@ arg++; } - (void)auth_request_import(auth_request, name, arg); + (void)auth_request_import_info(auth_request, name, arg); } if (auth_request->service == NULL) { diff -r 0c1e9bc8bc19 -r a28757b3f97a src/auth/auth-request-handler.c --- a/src/auth/auth-request-handler.c Fri Nov 18 21:31:15 2011 +0200 +++ b/src/auth/auth-request-handler.c Fri Nov 18 22:07:16 2011 +0200 @@ -427,7 +427,7 @@ arg++; } - if (auth_request_import(request, name, arg)) + if (auth_request_import_auth(request, name, arg)) ; else if (strcmp(name, "resp") == 0) { initial_resp = arg; diff -r 0c1e9bc8bc19 -r a28757b3f97a src/auth/auth-request.c --- a/src/auth/auth-request.c Fri Nov 18 21:31:15 2011 +0200 +++ b/src/auth/auth-request.c Fri Nov 18 22:07:16 2011 +0200 @@ -205,25 +205,11 @@ auth_stream_reply_add(reply, "mech", request->mech_name); } -bool auth_request_import(struct auth_request *request, - const char *key, const char *value) +bool auth_request_import_info(struct auth_request *request, + const char *key, const char *value) { - if (strcmp(key, "user") == 0) - request->user = p_strdup(request->pool, value); - else if (strcmp(key, "master_user") == 0) - request->master_user = p_strdup(request->pool, value); - else if (strcmp(key, "original_username") == 0) - request->original_username = p_strdup(request->pool, value); - else if (strcmp(key, "requested_login_user") == 0) - request->requested_login_user = p_strdup(request->pool, value); - else if (strcmp(key, "cert_username") == 0) { - if (request->set->ssl_username_from_cert) { - /* get username from SSL certificate. it overrides - the username given by the auth mechanism. */ - request->user = p_strdup(request->pool, value); - request->cert_username = TRUE; - } - } else if (strcmp(key, "service") == 0) + /* authentication and user lookups may set these */ + if (strcmp(key, "service") == 0) request->service = p_strdup(request->pool, value); else if (strcmp(key, "lip") == 0) net_addr2ip(value, &request->local_ip); @@ -233,14 +219,54 @@ request->local_port = atoi(value); else if (strcmp(key, "rport") == 0) request->remote_port = atoi(value); - else if (strcmp(key, "secured") == 0) + else + return FALSE; + return TRUE; +} + +bool auth_request_import_auth(struct auth_request *request, + const char *key, const char *value) +{ + if (auth_request_import_info(request, key, value)) + return TRUE; + + /* auth client may set these */ + if (strcmp(key, "secured") == 0) request->secured = TRUE; + else if (strcmp(key, "no-penalty") == 0) + request->no_penalty = TRUE; + else if (strcmp(key, "valid-client-cert") == 0) + request->valid_client_cert = TRUE; + else if (strcmp(key, "cert_username") == 0) { + if (request->set->ssl_username_from_cert) { + /* get username from SSL certificate. it overrides + the username given by the auth mechanism. */ + request->user = p_strdup(request->pool, value); + request->cert_username = TRUE; + } + } else { + return FALSE; + } + return TRUE; +} + +bool auth_request_import(struct auth_request *request, + const char *key, const char *value) +{ + if (auth_request_import_auth(request, key, value)) + return TRUE; + + /* for communication between auth master and worker processes */ + if (strcmp(key, "user") == 0) + request->user = p_strdup(request->pool, value); + else if (strcmp(key, "master_user") == 0) + request->master_user = p_strdup(request->pool, value); + else if (strcmp(key, "original_username") == 0) + request->original_username = p_strdup(request->pool, value); + else if (strcmp(key, "requested_login_user") == 0) + request->requested_login_user = p_strdup(request->pool, value); else if (strcmp(key, "nologin") == 0) request->no_login = TRUE; - else if (strcmp(key, "valid-client-cert") == 0) - request->valid_client_cert = TRUE; - else if (strcmp(key, "no-penalty") == 0) - request->no_penalty = TRUE; else if (strcmp(key, "successful") == 0) request->successful = TRUE; else if (strcmp(key, "skip_password_check") == 0) { diff -r 0c1e9bc8bc19 -r a28757b3f97a src/auth/auth-request.h --- a/src/auth/auth-request.h Fri Nov 18 21:31:15 2011 +0200 +++ b/src/auth/auth-request.h Fri Nov 18 22:07:16 2011 +0200 @@ -139,6 +139,10 @@ struct auth_stream_reply *reply); bool auth_request_import(struct auth_request *request, const char *key, const char *value); +bool auth_request_import_info(struct auth_request *request, + const char *key, const char *value); +bool auth_request_import_auth(struct auth_request *request, + const char *key, const char *value); void auth_request_initial(struct auth_request *request); void auth_request_continue(struct auth_request *request, From dovecot at dovecot.org Fri Nov 18 22:14:24 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 18 Nov 2011 22:14:24 +0200 Subject: dovecot-2.1: auth: Don't allow auth clients to set internal auth... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/9a6aa717bc46 changeset: 13728:9a6aa717bc46 user: Timo Sirainen date: Fri Nov 18 22:07:16 2011 +0200 description: auth: Don't allow auth clients to set internal auth request fields. This could have allowed attacker to bypass authentication if login process was first successfully attacked to allow arbitrary code execution. diffstat: src/auth/auth-master-connection.c | 2 +- src/auth/auth-request-handler.c | 2 +- src/auth/auth-request.c | 72 ++++++++++++++++++++++++++------------ src/auth/auth-request.h | 4 ++ 4 files changed, 55 insertions(+), 25 deletions(-) diffs (131 lines): diff -r ba1f99456742 -r 9a6aa717bc46 src/auth/auth-master-connection.c --- a/src/auth/auth-master-connection.c Fri Nov 18 21:37:34 2011 +0200 +++ b/src/auth/auth-master-connection.c Fri Nov 18 22:07:16 2011 +0200 @@ -174,7 +174,7 @@ arg++; } - (void)auth_request_import(auth_request, name, arg); + (void)auth_request_import_info(auth_request, name, arg); } if (auth_request->service == NULL) { diff -r ba1f99456742 -r 9a6aa717bc46 src/auth/auth-request-handler.c --- a/src/auth/auth-request-handler.c Fri Nov 18 21:37:34 2011 +0200 +++ b/src/auth/auth-request-handler.c Fri Nov 18 22:07:16 2011 +0200 @@ -433,7 +433,7 @@ arg++; } - if (auth_request_import(request, name, arg)) + if (auth_request_import_auth(request, name, arg)) ; else if (strcmp(name, "resp") == 0) { initial_resp = arg; diff -r ba1f99456742 -r 9a6aa717bc46 src/auth/auth-request.c --- a/src/auth/auth-request.c Fri Nov 18 21:37:34 2011 +0200 +++ b/src/auth/auth-request.c Fri Nov 18 22:07:16 2011 +0200 @@ -207,25 +207,11 @@ auth_stream_reply_add(reply, "mech", request->mech_name); } -bool auth_request_import(struct auth_request *request, - const char *key, const char *value) +bool auth_request_import_info(struct auth_request *request, + const char *key, const char *value) { - if (strcmp(key, "user") == 0) - request->user = p_strdup(request->pool, value); - else if (strcmp(key, "master_user") == 0) - request->master_user = p_strdup(request->pool, value); - else if (strcmp(key, "original_username") == 0) - request->original_username = p_strdup(request->pool, value); - else if (strcmp(key, "requested_login_user") == 0) - request->requested_login_user = p_strdup(request->pool, value); - else if (strcmp(key, "cert_username") == 0) { - if (request->set->ssl_username_from_cert) { - /* get username from SSL certificate. it overrides - the username given by the auth mechanism. */ - request->user = p_strdup(request->pool, value); - request->cert_username = TRUE; - } - } else if (strcmp(key, "service") == 0) + /* authentication and user lookups may set these */ + if (strcmp(key, "service") == 0) request->service = p_strdup(request->pool, value); else if (strcmp(key, "lip") == 0) net_addr2ip(value, &request->local_ip); @@ -235,14 +221,54 @@ request->local_port = atoi(value); else if (strcmp(key, "rport") == 0) request->remote_port = atoi(value); - else if (strcmp(key, "secured") == 0) + else + return FALSE; + return TRUE; +} + +bool auth_request_import_auth(struct auth_request *request, + const char *key, const char *value) +{ + if (auth_request_import_info(request, key, value)) + return TRUE; + + /* auth client may set these */ + if (strcmp(key, "secured") == 0) request->secured = TRUE; + else if (strcmp(key, "no-penalty") == 0) + request->no_penalty = TRUE; + else if (strcmp(key, "valid-client-cert") == 0) + request->valid_client_cert = TRUE; + else if (strcmp(key, "cert_username") == 0) { + if (request->set->ssl_username_from_cert) { + /* get username from SSL certificate. it overrides + the username given by the auth mechanism. */ + request->user = p_strdup(request->pool, value); + request->cert_username = TRUE; + } + } else { + return FALSE; + } + return TRUE; +} + +bool auth_request_import(struct auth_request *request, + const char *key, const char *value) +{ + if (auth_request_import_auth(request, key, value)) + return TRUE; + + /* for communication between auth master and worker processes */ + if (strcmp(key, "user") == 0) + request->user = p_strdup(request->pool, value); + else if (strcmp(key, "master_user") == 0) + request->master_user = p_strdup(request->pool, value); + else if (strcmp(key, "original_username") == 0) + request->original_username = p_strdup(request->pool, value); + else if (strcmp(key, "requested_login_user") == 0) + request->requested_login_user = p_strdup(request->pool, value); else if (strcmp(key, "nologin") == 0) request->no_login = TRUE; - else if (strcmp(key, "valid-client-cert") == 0) - request->valid_client_cert = TRUE; - else if (strcmp(key, "no-penalty") == 0) - request->no_penalty = TRUE; else if (strcmp(key, "successful") == 0) request->successful = TRUE; else if (strcmp(key, "skip_password_check") == 0) { diff -r ba1f99456742 -r 9a6aa717bc46 src/auth/auth-request.h --- a/src/auth/auth-request.h Fri Nov 18 21:37:34 2011 +0200 +++ b/src/auth/auth-request.h Fri Nov 18 22:07:16 2011 +0200 @@ -139,6 +139,10 @@ struct auth_stream_reply *reply); bool auth_request_import(struct auth_request *request, const char *key, const char *value); +bool auth_request_import_info(struct auth_request *request, + const char *key, const char *value); +bool auth_request_import_auth(struct auth_request *request, + const char *key, const char *value); void auth_request_initial(struct auth_request *request); void auth_request_continue(struct auth_request *request, From dovecot at dovecot.org Fri Nov 18 22:14:24 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 18 Nov 2011 22:14:24 +0200 Subject: dovecot-2.1: doc: Removed auth-protocol.txt. A more up to date v... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/46b07e8dca14 changeset: 13729:46b07e8dca14 user: Timo Sirainen date: Fri Nov 18 22:14:02 2011 +0200 description: doc: Removed auth-protocol.txt. A more up to date version is in wiki docs. diffstat: doc/auth-protocol.txt | 191 -------------------------------------------------- 1 files changed, 0 insertions(+), 191 deletions(-) diffs (201 lines): diff -r 9a6aa717bc46 -r 46b07e8dca14 doc/auth-protocol.txt --- a/doc/auth-protocol.txt Fri Nov 18 22:07:16 2011 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,197 +0,0 @@ -Dovecot Authentication Protocol v1.1 - - -General -------- - -This is a line based protocol. Each line is a command which ends with an LF -character. The maximum line length isn't defined, but it's currently -expected to fit into 8192 bytes. Authentication mechanism specific data -transfers are the largest single parameters. - -Each command is in format: - - TAB - -Parameters are split into required and optional parameters. Required -parameters aren't in any specific format, but optional parameters are -either booleans without a value, or a name=value pair. If optional parameter -name is unknown, the parameter should just be ignored. - -Typical command looks like (without spaces): - - command TAB param1 TAB param2 TAB optname=value TAB optboolean - -There is no way to have TABs or LFs in parameters. - - -Client <-> Server ------------------ - -Client is an untrusted authentication client process. It can serve one or -more users, so from user's point of view it's usually eg. IMAP or SMTP -server process. - -Server is an authentication server process. - -The connection starts by both client and server sending handshakes: - - C: "VERSION" TAB TAB - C: "CPID" TAB - - S: "VERSION" TAB TAB - S: "SPID" TAB - S: "CUID" TAB - S: "COOKIE" TAB - S: "MECH" TAB [TAB ] (multiple times) - S: "DONE" - -Both client and server should check that they support the same major version -number. If they don't, the other side isn't expected to be talking the same -protocol and should be disconnected. Minor version can be ignored. This -document is version number 1.1. - -CPID, SPID and specify client and server PIDs. They should be unique -identifiers for the specific process. UNIX process IDs are good choices. - -CUID is a server process-specific unique connection identifier. It's -different each time a connection is established for the server. - -CPID is used by master's REQUEST command. - -SPID can be used by authentication client to tell master what server -process handled the authentication. - -CUID is currently useful only for APOP authentication. - -COOKIE returns connection-specific 128 bit cookie in hex. It must be -given to REQUEST command. (Protocol v1.1+ / Dovecot v2.0+) - -DONE finishes the handshake from server. CPID finishes the handshake from -client. - - -Authentication Mechanisms -------------------------- - -MECH command announces an available authentication SASL mechanism. -Mechanisms may have parameters giving some details about them: - - - anonymous : Anonymous authentication - - plaintext : Transfers plaintext passwords - - dictionary : Subject to passive (dictionary) attack - - active : Subject to active (non-dictionary) attack - - forward-secrecy : Provides forward secrecy between sessions - - mutual-auth : Provides mutual authentication - - private : Don't advertise this as available SASL mechanism (eg. APOP) - - -Authentication Request ----------------------- - - C: "AUTH" TAB TAB TAB service= [TAB ] - - S1: "FAIL" TAB [TAB ] - S2: "CONT" TAB TAB - S3: "OK" TAB [TAB ] - -ID is a connection-specific unique request identifier. It must be a 32bit -number, so typically you'd just increment it by one. - -Service is the service requesting authentication, eg. POP3, IMAP, SMTP. - -AUTH parameters are: - - - lip= : Local IP - in standard string format, - - rip= : Remote IP - ie. for IPv4 127.0.0.1 and for IPv6 ::1 - - lport= : Local port number - - rport= : Remote port number - - secured : Remote user has secured transport to auth client - (eg. localhost, SSL, TLS) - - valid-client-cert : Remote user has presented a valid SSL certificate. - - resp= : Initial response for authentication mechanism. - NOTE: This must be the last parameter. Everything - after it is ignored. This is to avoid accidental - security holes if user-given data is directly put to - base64 string without filtering out tabs. - -FAIL parameters may contain: - - - reason= : should be sent to remote user instead of the standard - "Authentication failed" messages. For example "invalid base64 - data". It must NOT be used to give exact reason for - authentication failure (i.e. "user not found" vs. "password - mismatch"). - - temp : This is a temporary internal failure, e.g. connection was - lost to SQL database. - - authz : Authentication succeeded, but authorization failed (master - user's password was ok, but destnation user was not ok). - Added in Dovecot v1.2. - -CONT command means that the authentication continues, and more data is -expected from client to finish the authentication. Given base64 data should -be sent to client. - -FAIL and OK may contain multiple unspecified parameters which -authentication client may handle specially. The only one specified here is -"user=" parameter, which should always be sent if the userid is known. - - -Server <-> Master ------------------ - -Master is a trusted process which may query results of previous client -authentication or information about a specific user. Master is optional and -in SMTP AUTH case it's not needed. - -The connection starts by both server and master sending handshakes: - - S: "VERSION" TAB TAB - S: "SPID" TAB - - M: "VERSION" TAB TAB - -Auth with client <-> server, both should check that the version numbers are -valid. - -SPID can be used to let master identify the server process. - - -Master Requests ---------------- - - M: "REQUEST" TAB TAB TAB TAB - M: "USER" TAB TAB TAB service= [TAB ] - - S: "NOTFOUND" TAB - S: "FAIL" TAB [TAB ] - S: "USER" TAB TAB [TAB ] - -Master commands can request information about existing authentication -request, or about a specified user. - -USER command's service and parameters are the same as with AUTH client -request. - -ID is a connection-specific unique request identifier. It must be a 32bit -number, so typically you'd just increment it by one. - -NOTFOUND reply means that the user wasn't found. - -FAIL reply means an internal error occurred. Usually either a configuration -mistake or temporary error caused by lost resource (eg. database down). -Also unknown request IDs are reported as FAILs. Currently the only -specified parameter is "reason", which is used when user is wanted to be -put into "temporarily disabled" state and the reason string will be shown -to user on login or to LMTP RCPT TO reply. - -USER reply is sent if request succeeded. It can return parameters: - - uid= : System user ID. - gid= : System group ID. - home= : Home directory. - chroot= : Chroot directory. - mail= : Mail location. - system_user= : System user name which can be used to get extra groups. - This will probably be replaced later by giving just - multiple gid fields. From dovecot at dovecot.org Sat Nov 19 05:06:29 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 19 Nov 2011 05:06:29 +0200 Subject: dovecot-2.1: doc: Removed auth-protocol.txt from Makefile. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/338f35625e06 changeset: 13730:338f35625e06 user: Timo Sirainen date: Sat Nov 19 05:06:10 2011 +0200 description: doc: Removed auth-protocol.txt from Makefile. diffstat: doc/Makefile.am | 1 - 1 files changed, 0 insertions(+), 1 deletions(-) diffs (11 lines): diff -r 46b07e8dca14 -r 338f35625e06 doc/Makefile.am --- a/doc/Makefile.am Fri Nov 18 22:14:02 2011 +0200 +++ b/doc/Makefile.am Sat Nov 19 05:06:10 2011 +0200 @@ -5,7 +5,6 @@ SUBDIRS = man $(DOCDIRS) docfiles = \ - auth-protocol.txt \ documentation.txt \ securecoding.txt \ thread-refs.txt From pigeonhole at rename-it.nl Sat Nov 19 17:59:49 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Sat, 19 Nov 2011 16:59:49 +0100 Subject: dovecot-2.0-pigeonhole: Added tag 0.2.5 for changeset 873baa85e220 Message-ID: details: http://hg.rename-it.nl/dovecot-2.0-pigeonhole/rev/618ccb1e3750 changeset: 1545:618ccb1e3750 user: Stephan Bosch date: Sat Nov 19 16:59:41 2011 +0100 description: Added tag 0.2.5 for changeset 873baa85e220 diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r 873baa85e220 -r 618ccb1e3750 .hgtags --- a/.hgtags Sat Nov 19 16:59:27 2011 +0100 +++ b/.hgtags Sat Nov 19 16:59:41 2011 +0100 @@ -8,3 +8,4 @@ df8b38da248cbd6d83e9bd476ec2c92716ea193c 0.2.2 3ab2a125e1e2d478382c07853e99a5973d06afd6 0.2.3 0d071eaa6d5e2a9f524c94ddf1686f1b3091f604 0.2.4 +873baa85e2202f45a9c14fa21cccedc60f3715bc 0.2.5 From pigeonhole at rename-it.nl Sat Nov 19 17:59:48 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Sat, 19 Nov 2011 16:59:48 +0100 Subject: dovecot-2.0-pigeonhole: Released v0.2.5 for Dovecot v2.0.16. Message-ID: details: http://hg.rename-it.nl/dovecot-2.0-pigeonhole/rev/873baa85e220 changeset: 1544:873baa85e220 user: Stephan Bosch date: Sat Nov 19 16:59:27 2011 +0100 description: Released v0.2.5 for Dovecot v2.0.16. diffstat: NEWS | 15 +++++++++++++++ configure.in | 2 +- 2 files changed, 16 insertions(+), 1 deletions(-) diffs (31 lines): diff -r 5b1080bbeee5 -r 873baa85e220 NEWS --- a/NEWS Wed Nov 09 17:26:18 2011 +0100 +++ b/NEWS Sat Nov 19 16:59:27 2011 +0100 @@ -1,3 +1,18 @@ +v0.2.5 19-11-2011 Stephan Bosch + + + Sieve vacation extension: made discard message for implicit delivery more + verbose + - The sieve-test tool: mixed up original and final envelope recipient in + implementation of command line arguments. + - Sieve vacation extension: resolved FIXME regarding the use of variables in + the :handle argument. Variables are now handled correctly. + - Sieve body extension: fixed handling of :content "message/rfc822". This now + yields the headers of the embedded message as required by the specification. + Handling of :content "multipart" remains to be fixed. + - LDA Sieve plugin: fixed problem with recipient_delimiter configuration. Now + falls back to global recipient_delimiter setting if + plugin/recipient_delimiter is not set. + v0.2.4 13-09-2011 Stephan Bosch + Vacation extension: finally added support for using the original recipient diff -r 5b1080bbeee5 -r 873baa85e220 configure.in --- a/configure.in Wed Nov 09 17:26:18 2011 +0100 +++ b/configure.in Sat Nov 19 16:59:27 2011 +0100 @@ -1,4 +1,4 @@ -AC_INIT([Pigeonhole], [0.2.4], [dovecot at dovecot.org], [dovecot-2.0-pigeonhole]) +AC_INIT([Pigeonhole], [0.2.5], [dovecot at dovecot.org], [dovecot-2.0-pigeonhole]) AC_CONFIG_AUX_DIR([.]) AC_CONFIG_SRCDIR([src]) AC_CONFIG_MACRO_DIR([m4]) From pigeonhole at rename-it.nl Sat Nov 19 18:02:36 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Sat, 19 Nov 2011 17:02:36 +0100 Subject: dovecot-2.0-pigeonhole: Added signature for changeset 873baa85e220 Message-ID: details: http://hg.rename-it.nl/dovecot-2.0-pigeonhole/rev/e2c092d3198e changeset: 1546:e2c092d3198e user: Stephan Bosch date: Sat Nov 19 17:02:15 2011 +0100 description: Added signature for changeset 873baa85e220 diffstat: .hgsigs | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r 618ccb1e3750 -r e2c092d3198e .hgsigs --- a/.hgsigs Sat Nov 19 16:59:41 2011 +0100 +++ b/.hgsigs Sat Nov 19 17:02:15 2011 +0100 @@ -2,3 +2,4 @@ df8b38da248cbd6d83e9bd476ec2c92716ea193c 0 iQEcBAABAgAGBQJM/WxCAAoJEATWKx49+7T0blMH/0Cdwr16xm5I9koqhVu3KKToePJqVIG723rdLjyBeTgr/0T5UTXzkPT8OHnzJ/SRcI8AiVJiLtTEFYAKsegJxFo3TEztlZ+cO2k8JT2HnL1w8RYeagihMyDdBPD+dpv+US+0eWHGmbmLvxi1UlfyqGiPZrKQmCuRtpzJTwzkGKOGdg+ln+kifvwzNhVGNC1URdfYOkO/vZL8W47OREtF4U2zV6l/KM6m4fnrUp7YdOBdYFwen6Yux6NDQzqXkUoJQ0xNsqp4HYGvSDCzRBI6tba++mGQ5tAvYyJuqwRKToMH/fk5al4igraZI8MH0tSZplHGxUAhsq8JO1/v83kudbM= 3ab2a125e1e2d478382c07853e99a5973d06afd6 0 iQEcBAABAgAGBQJNp1ztAAoJEATWKx49+7T0CJcH/24Txa1ynS5hBUhOuWTpUTGtm+9cMpWoQ33exiMR0pm8ycxsUQcKfRtO/cRHQX1CW3PqQs3DGZ31QdEEg0CyX8OsBbP/dwdEcnLRYF5BsJMyfy+Qnbhxn+wV0k9s9AUgZTdvPKrg1hFa6XS+6SE3N33AA4Y2eYYZGzFuDiSoN7fGx7PATCrobMsmp5WtBiKoy4WyP2SwDv/VgKy0PQTF+6+0t0MMCBSurLzpHk8dDuBonWIBgbJRM/sk9f+cYbU/ESRMcryZbbau9EwMQIQJfprGH6WP/gwysF0pu47zQERMuVt3fFzXUzrfxVpMOI7EkLgnF+Tes0vA7dKh1x+vvec= 0d071eaa6d5e2a9f524c94ddf1686f1b3091f604 0 iQEcBAABAgAGBQJOb8BjAAoJEATWKx49+7T0cAcH/3coc1MhQj8zUdC+NB3N8eUkQ3AF3QQgSfP9uXs9BhvPw70Ts9MLJiO54RhhYf/k9VxptzWk7MPJF47v4NEEKHkjDDMXtPbVOxHjNa2Ny8EAuWe4dv5X0faAlH4Ks58enDchCmunX1DgQtC1f+gHqVtvTpGAROFPqkBe5RGOJ0jQd+2hTTlf1BpLl44fiBdYd6350haX0KjDGNthX9ETVc3bnbdIiXSy7DPnn0ELhvTbgkl4Zu1tA778IJy/JjsCPb2YueX7LsksvxcSZHqv80Zd3JJhs5a3ZeHijN6twpe7VZD9FO+jPOKA1rr/HYwCv0KweKgmwVHCdaT+Mq4OLPc= +873baa85e2202f45a9c14fa21cccedc60f3715bc 0 iQEcBAABAgAGBQJOx9MCAAoJEATWKx49+7T09aUIANIKsuzM3bGhtGJ/UPIwzpOu39lEGCmHah6dMa+bDOoCZhuhASDdTuvRKXTfGC57GMu+NzBK6I7heFiPD3E4VTI4xOCK1azJ9G4SsiDEkQThucXqWBKDjPB0RgOEf6iefAkslXIU3cprJgattwpeXbUKiHjBhoYJFJ5j/GTx1B62ndvaTfMu1zF5UppiyRG1rQD7FLY4f6kANzSI2jOOCBs4UFH7ZKhafO1AeQfLNDvxdDczZafPZxrCIF+5JCNvQ6Xue/JrvRZQ0V9sxLQat7clUJ6I6Ejl5u5l1LF+VscWldfaQKwDdOktCVux84YGH8+XqXaukMiEg6j4hceAYIM= From pigeonhole at rename-it.nl Sat Nov 19 18:51:54 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Sat, 19 Nov 2011 17:51:54 +0100 Subject: dovecot-2.1-pigeonhole: Upgraded package version to 0.3.0 and up... Message-ID: details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/c94b71745f38 changeset: 1548:c94b71745f38 user: Stephan Bosch date: Sat Nov 19 17:51:03 2011 +0100 description: Upgraded package version to 0.3.0 and updated documentation. diffstat: INSTALL | 2 +- NEWS | 4 ++++ README | 2 +- TODO | 19 ++++++++++--------- configure.in | 2 +- doc/man/pigeonhole.7.in | 4 ++-- doc/man/sieve-dump.1.in | 2 +- doc/man/sieve-filter.1.in | 2 +- doc/man/sieve-test.1.in | 2 +- doc/man/sievec.1.in | 2 +- 10 files changed, 23 insertions(+), 18 deletions(-) diffs (149 lines): diff -r 7de7d7d01d55 -r c94b71745f38 INSTALL --- a/INSTALL Sat Nov 19 17:17:20 2011 +0100 +++ b/INSTALL Sat Nov 19 17:51:03 2011 +0100 @@ -30,7 +30,7 @@ or to a Dovecot source directory that is already compiled: -./configure --with-dovecot=../dovecot-2.0.0 +./configure --with-dovecot=../dovecot-2.1.0 make sudo make install diff -r 7de7d7d01d55 -r c94b71745f38 NEWS --- a/NEWS Sat Nov 19 17:17:20 2011 +0100 +++ b/NEWS Sat Nov 19 17:51:03 2011 +0100 @@ -1,3 +1,7 @@ +v0.3.0 [TO BE RELEASED] Stephan Bosch + + + v0.2.5 19-11-2011 Stephan Bosch + Sieve vacation extension: made discard message for implicit delivery more diff -r 7de7d7d01d55 -r c94b71745f38 README --- a/README Sat Nov 19 17:17:20 2011 +0100 +++ b/README Sat Nov 19 17:51:03 2011 +0100 @@ -1,4 +1,4 @@ -Pigeonhole for Dovecot v2.0 +Pigeonhole for Dovecot v2.1 Introduction ============ diff -r 7de7d7d01d55 -r c94b71745f38 TODO --- a/TODO Sat Nov 19 17:17:20 2011 +0100 +++ b/TODO Sat Nov 19 17:51:03 2011 +0100 @@ -1,12 +1,6 @@ Current activities: -* Build a sieve tool to filter an entire existing mailbox through a Sieve - script. - > Needs to have single mail transaction for each destination folder for - all moved messages. Otherwise, partial failure cannot be prevented. - - Implement ability to group Sieve execution results of all processed messages - into one big `Sieve transaction' object, which (among other things) keeps - track of opened mailboxes and transactions. Is probably also more efficient. +* Implement editheader extension Parallel plugin-based efforts: @@ -19,6 +13,14 @@ Next (mostly in order of descending priority/precedence): +* Implement index extension +* Build a sieve tool to filter an entire existing mailbox through a Sieve + script. + > Needs to have single mail transaction for each destination folder for + all moved messages. Otherwise, partial failure cannot be prevented. + - Implement ability to group Sieve execution results of all processed messages + into one big `Sieve transaction' object, which (among other things) keeps + track of opened mailboxes and transactions. Is probably also more efficient. * Update include extension to latest draft (v10 currently): - Implement :optional tag. - Implement required ManageSieve behavior @@ -26,7 +28,6 @@ (for efficiency). * Improve error handling. - Implement dropping errors in the user's mailbox as a mail message. -* Implement index extension * Further develop regex extension and update it to the latest draft: - Implement the :quoteregex set modifier - Investigate the use of the TRE regexp library to gain UTF-8 capability @@ -73,7 +74,7 @@ * Build a server with test mail accounts that processes lots and lots of mail (e.g. spam, mailing lists etc.) -* ## MAKE A THIRD RELEASE (0.3.x) ## +* ## MAKE A FOURTH MAIN RELEASE (0.4.x) ## * Implement extlists extension as a plugin * Enotify extension: detect use of variable values extracted from the message diff -r 7de7d7d01d55 -r c94b71745f38 configure.in --- a/configure.in Sat Nov 19 17:17:20 2011 +0100 +++ b/configure.in Sat Nov 19 17:51:03 2011 +0100 @@ -1,4 +1,4 @@ -AC_INIT([Pigeonhole], [0.2.5], [dovecot at dovecot.org], [dovecot-2.0-pigeonhole]) +AC_INIT([Pigeonhole], [0.3.0], [dovecot at dovecot.org], [dovecot-2.1-pigeonhole]) AC_CONFIG_AUX_DIR([.]) AC_CONFIG_SRCDIR([src]) AC_CONFIG_MACRO_DIR([m4]) diff -r 7de7d7d01d55 -r c94b71745f38 doc/man/pigeonhole.7.in --- a/doc/man/pigeonhole.7.in Sat Nov 19 17:17:20 2011 +0100 +++ b/doc/man/pigeonhole.7.in Sat Nov 19 17:51:03 2011 +0100 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010-2011 Pigeonhole authors, see the included COPYING file -.TH "PIGEONHOLE" 7 "2010-03-05" "Pigeonhole for Dovecot v2.0" "Pigeonhole" +.TH "PIGEONHOLE" 7 "2011-11-19" "Pigeonhole for Dovecot v2.1" "Pigeonhole" .\"------------------------------------------------------------------------ .SH NAME pigeonhole \- Overview of the Pigeonhole project\(aqs Sieve support for the @@ -83,7 +83,7 @@ Additional resources: .IP "Dovecot website" http://www.dovecot.org -.IP "Dovecot v2.0 Wiki" +.IP "Dovecot v2.x Wiki" http://wiki2.dovecot.org/Pigeonhole .IP "Pigeonhole website" http://pigeonhole.dovecot.org diff -r 7de7d7d01d55 -r c94b71745f38 doc/man/sieve-dump.1.in --- a/doc/man/sieve-dump.1.in Sat Nov 19 17:17:20 2011 +0100 +++ b/doc/man/sieve-dump.1.in Sat Nov 19 17:51:03 2011 +0100 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010-2011 Pigeonhole authors, see the included COPYING file -.TH "SIEVE\-DUMP" 1 "2011-10-04" "Pigeonhole for Dovecot v2.0" "Pigeonhole" +.TH "SIEVE\-DUMP" 1 "2011-11-19" "Pigeonhole for Dovecot v2.1" "Pigeonhole" .\"------------------------------------------------------------------------ .SH NAME sieve\-dump \- Pigeonhole\(aqs Sieve script binary dump tool diff -r 7de7d7d01d55 -r c94b71745f38 doc/man/sieve-filter.1.in --- a/doc/man/sieve-filter.1.in Sat Nov 19 17:17:20 2011 +0100 +++ b/doc/man/sieve-filter.1.in Sat Nov 19 17:51:03 2011 +0100 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010-2011 Pigeonhole authors, see the included COPYING file -.TH "SIEVE\-FILTER" 1 "2011-10-04" "Pigeonhole for Dovecot v2.0" "Pigeonhole" +.TH "SIEVE\-FILTER" 1 "2011-11-19" "Pigeonhole for Dovecot v2.1" "Pigeonhole" .SH NAME sieve\-filter \- Pigeonhole\(aqs Sieve mailbox filter tool diff -r 7de7d7d01d55 -r c94b71745f38 doc/man/sieve-test.1.in --- a/doc/man/sieve-test.1.in Sat Nov 19 17:17:20 2011 +0100 +++ b/doc/man/sieve-test.1.in Sat Nov 19 17:51:03 2011 +0100 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010-2011 Pigeonhole authors, see the included COPYING file -.TH "SIEVE\-TEST" 1 "2011-10-04" "Pigeonhole for Dovecot v2.0" "Pigeonhole" +.TH "SIEVE\-TEST" 1 "2011-11-19" "Pigeonhole for Dovecot v2.1" "Pigeonhole" .SH NAME sieve\-test \- Pigeonhole\(aqs Sieve script tester .\"------------------------------------------------------------------------ diff -r 7de7d7d01d55 -r c94b71745f38 doc/man/sievec.1.in --- a/doc/man/sievec.1.in Sat Nov 19 17:17:20 2011 +0100 +++ b/doc/man/sievec.1.in Sat Nov 19 17:51:03 2011 +0100 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010-2011 Pigeonhole authors, see the included COPYING file -.TH "SIEVEC" 1 "2011-10-04" "Pigeonhole for Dovecot v2.0" "Pigeonhole" +.TH "SIEVEC" 1 "2011-11-19" "Pigeonhole for Dovecot v2.1" "Pigeonhole" .\"------------------------------------------------------------------------ .SH NAME sievec \- Pigeonhole\(aqs Sieve script compiler From pigeonhole at rename-it.nl Sat Nov 19 18:54:16 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Sat, 19 Nov 2011 17:54:16 +0100 Subject: dovecot-2.0-pigeonhole: Moved active development to Dovecot v2.1... Message-ID: details: http://hg.rename-it.nl/dovecot-2.0-pigeonhole/rev/a0215970fab1 changeset: 1547:a0215970fab1 user: Stephan Bosch date: Sat Nov 19 17:54:11 2011 +0100 description: Moved active development to Dovecot v2.1; updated TODO. diffstat: TODO | 19 ++++++------------- 1 files changed, 6 insertions(+), 13 deletions(-) diffs (33 lines): diff -r e2c092d3198e -r a0215970fab1 TODO --- a/TODO Sat Nov 19 17:02:15 2011 +0100 +++ b/TODO Sat Nov 19 17:54:11 2011 +0100 @@ -1,4 +1,9 @@ -Current activities: +Active development is moved to Pigeonhole v0.3 for Dovecot v2.1. The v0.2.x +series for Dovecot v2.0 is maintained for bug fixes and small updates. Check +http://hg.rename-it.nl/dovecot-2.1-pigeonhole/raw-file/tip/TODO for the most +up-to-date TODO list. + +Open TODO issues for this revision: * Build a sieve tool to filter an entire existing mailbox through a Sieve script. @@ -7,18 +12,6 @@ - Implement ability to group Sieve execution results of all processed messages into one big `Sieve transaction' object, which (among other things) keeps track of opened mailboxes and transactions. Is probably also more efficient. - -Parallel plugin-based efforts: - -* Implement plugin to pipe messages to external programs. Will probably be - merged with the main tree eventually. -* Implement enotify xmpp method as a plugin. -* Implement metadata and servermetadata extensions as a plugin. - - Compiles against dovecot metadata plugin, as currently developed by - Dennis Schridde. - -Next (mostly in order of descending priority/precedence): - * Update include extension to latest draft (v10 currently): - Implement :optional tag. - Implement required ManageSieve behavior From dovecot at dovecot.org Sat Nov 19 21:48:26 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 19 Nov 2011 21:48:26 +0200 Subject: dovecot-2.1: Compile fix for OSX. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/b2c9298e981a changeset: 13731:b2c9298e981a user: Timo Sirainen date: Sat Nov 19 21:48:14 2011 +0200 description: Compile fix for OSX. diffstat: src/lib/env-util.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diffs (12 lines): diff -r 338f35625e06 -r b2c9298e981a src/lib/env-util.c --- a/src/lib/env-util.c Sat Nov 19 05:06:10 2011 +0200 +++ b/src/lib/env-util.c Sat Nov 19 21:48:14 2011 +0200 @@ -59,7 +59,7 @@ if (clearenv() < 0) i_fatal("clearenv() failed"); #else - extern char **environ; + char **environ = *env_get_environ_p(); /* Try to clear the environment. From dovecot at dovecot.org Sat Nov 19 22:29:41 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 19 Nov 2011 22:29:41 +0200 Subject: dovecot-2.1: env_clean(): Previous OSX compile fix broke the fun... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/9d022d3fba42 changeset: 13732:9d022d3fba42 user: Timo Sirainen date: Sat Nov 19 22:29:31 2011 +0200 description: env_clean(): Previous OSX compile fix broke the function completely. diffstat: src/lib/env-util.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diffs (21 lines): diff -r b2c9298e981a -r 9d022d3fba42 src/lib/env-util.c --- a/src/lib/env-util.c Sat Nov 19 21:48:14 2011 +0200 +++ b/src/lib/env-util.c Sat Nov 19 22:29:31 2011 +0200 @@ -59,7 +59,7 @@ if (clearenv() < 0) i_fatal("clearenv() failed"); #else - char **environ = *env_get_environ_p(); + char ***environ_p = env_get_environ_p(); /* Try to clear the environment. @@ -68,7 +68,7 @@ c) environ = emptyenv doesn't work on Haiku OS d) environ = calloc() should work everywhere */ - environ = calloc(1, sizeof(*environ)); + *environ_p = calloc(1, sizeof(**environ_p)); #endif if (env_pool != NULL) p_clear(env_pool); From dovecot at dovecot.org Sat Nov 19 23:05:13 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 19 Nov 2011 23:05:13 +0200 Subject: dovecot-2.1: login: Log a different disconnect message if client... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/679837ca1c95 changeset: 13733:679837ca1c95 user: Timo Sirainen date: Sat Nov 19 23:04:54 2011 +0200 description: login: Log a different disconnect message if client didn't finish SASL auth. diffstat: src/login-common/client-common-auth.c | 2 ++ src/login-common/client-common.c | 4 ++++ src/login-common/client-common.h | 1 + src/login-common/sasl-server.c | 1 + 4 files changed, 8 insertions(+), 0 deletions(-) diffs (55 lines): diff -r 9d022d3fba42 -r 679837ca1c95 src/login-common/client-common-auth.c --- a/src/login-common/client-common-auth.c Sat Nov 19 22:29:31 2011 +0200 +++ b/src/login-common/client-common-auth.c Sat Nov 19 23:04:54 2011 +0200 @@ -371,6 +371,7 @@ if (client->v.auth_parse_response(client) <= 0) return; + client->auth_waiting = FALSE; client_set_auth_waiting(client); auth_client_request_continue(client->auth_request, str_c(client->auth_response)); @@ -468,6 +469,7 @@ str_truncate(client->auth_response, 0); i_assert(client->io == NULL); + client->auth_waiting = TRUE; client->io = io_add(client->fd, IO_READ, client_auth_input, client); client_auth_input(client); diff -r 9d022d3fba42 -r 679837ca1c95 src/login-common/client-common.c --- a/src/login-common/client-common.c Sat Nov 19 22:29:31 2011 +0200 +++ b/src/login-common/client-common.c Sat Nov 19 23:04:54 2011 +0200 @@ -529,6 +529,10 @@ return "(cert required, client didn't start TLS)"; if (client->auth_tried_unsupported_mech) return "(tried to use unsupported auth mechanism)"; + if (client->auth_waiting && client->auth_attempts == 1) { + return t_strdup_printf("(client didn't finish SASL auth, " + "waited %u secs)", auth_secs); + } if (client->auth_request != NULL && client->auth_attempts == 1) { return t_strdup_printf("(disconnected while authenticating, " "waited %u secs)", auth_secs); diff -r 9d022d3fba42 -r 679837ca1c95 src/login-common/client-common.h --- a/src/login-common/client-common.h Sat Nov 19 22:29:31 2011 +0200 +++ b/src/login-common/client-common.h Sat Nov 19 23:04:54 2011 +0200 @@ -126,6 +126,7 @@ unsigned int auth_try_aborted:1; unsigned int auth_initializing:1; unsigned int auth_process_comm_fail:1; + unsigned int auth_waiting:1; /* ... */ }; diff -r 9d022d3fba42 -r 679837ca1c95 src/login-common/sasl-server.c --- a/src/login-common/sasl-server.c Sat Nov 19 22:29:31 2011 +0200 +++ b/src/login-common/sasl-server.c Sat Nov 19 23:04:54 2011 +0200 @@ -212,6 +212,7 @@ i_assert(status < 0); return; } + client->auth_waiting = FALSE; i_assert(client->auth_request == request); switch (status) { From dovecot at dovecot.org Sat Nov 19 23:15:55 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 19 Nov 2011 23:15:55 +0200 Subject: dovecot-2.1: login: Show empty username in disconnect message. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/6e87e399ccd7 changeset: 13735:6e87e399ccd7 user: Timo Sirainen date: Sat Nov 19 23:15:19 2011 +0200 description: login: Show empty username in disconnect message. diffstat: src/login-common/client-common.c | 8 ++++++-- 1 files changed, 6 insertions(+), 2 deletions(-) diffs (18 lines): diff -r b1955fdf2ef8 -r 6e87e399ccd7 src/login-common/client-common.c --- a/src/login-common/client-common.c Sat Nov 19 23:14:59 2011 +0200 +++ b/src/login-common/client-common.c Sat Nov 19 23:15:19 2011 +0200 @@ -416,8 +416,12 @@ key = var_get_key(str); for (i = 0; table[i].key != '\0'; i++) { if (table[i].key == key) { - return table[i].value != NULL && - table[i].value[0] != '\0'; + if (table[i].value == NULL) + return FALSE; + if (table[i].value[0] != '\0') + return TRUE; + /* "" key - hide except in username */ + return key == 'u' || key == 'n'; } } return FALSE; From dovecot at dovecot.org Sat Nov 19 23:15:55 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 19 Nov 2011 23:15:55 +0200 Subject: dovecot-2.1: auth: If auth fails due to invalid username, send t... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/b1955fdf2ef8 changeset: 13734:b1955fdf2ef8 user: Timo Sirainen date: Sat Nov 19 23:14:59 2011 +0200 description: auth: If auth fails due to invalid username, send the username in the FAIL message. diffstat: src/auth/auth-request-handler.c | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) diffs (14 lines): diff -r 679837ca1c95 -r b1955fdf2ef8 src/auth/auth-request-handler.c --- a/src/auth/auth-request-handler.c Sat Nov 19 23:04:54 2011 +0200 +++ b/src/auth/auth-request-handler.c Sat Nov 19 23:14:59 2011 +0200 @@ -299,6 +299,10 @@ auth_stream_reply_add(reply, NULL, dec2str(request->id)); if (request->user != NULL) auth_stream_reply_add(reply, "user", request->user); + else if (request->original_username != NULL) { + auth_stream_reply_add(reply, "user", + request->original_username); + } if (request->internal_failure) auth_stream_reply_add(reply, "temp", NULL); From dovecot at dovecot.org Sat Nov 19 23:42:16 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 19 Nov 2011 23:42:16 +0200 Subject: dovecot-2.1: auth: Moved all i_fatal()s to preinit stage. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/ffb2993c99cf changeset: 13737:ffb2993c99cf user: Timo Sirainen date: Sat Nov 19 23:41:17 2011 +0200 description: auth: Moved all i_fatal()s to preinit stage. This avoids a wrongly configured auth process from rapidly respawning. diffstat: src/auth/auth.c | 123 +++++++++++++++++++++++----------------------- src/auth/passdb-passwd.c | 15 +++- src/auth/passdb-shadow.c | 15 +++- 3 files changed, 81 insertions(+), 72 deletions(-) diffs (225 lines): diff -r 6b62d786fdc4 -r ffb2993c99cf src/auth/auth.c --- a/src/auth/auth.c Sat Nov 19 23:28:18 2011 +0200 +++ b/src/auth/auth.c Sat Nov 19 23:41:17 2011 +0200 @@ -47,66 +47,6 @@ auth_userdb->userdb = userdb_preinit(auth->pool, set); } -static struct auth * -auth_preinit(const struct auth_settings *set, const char *service, pool_t pool, - const struct mechanisms_register *reg) -{ - struct auth_passdb_settings *const *passdbs; - struct auth_userdb_settings *const *userdbs; - struct auth *auth; - unsigned int i, count, db_count, passdb_count, last_passdb = 0; - - auth = p_new(pool, struct auth, 1); - auth->pool = pool; - auth->service = p_strdup(pool, service); - auth->set = set; - auth->reg = reg; - - if (array_is_created(&set->passdbs)) - passdbs = array_get(&set->passdbs, &db_count); - else { - passdbs = NULL; - db_count = 0; - } - - /* initialize passdbs first and count them */ - for (passdb_count = 0, i = 0; i < db_count; i++) { - if (passdbs[i]->master) - continue; - - auth_passdb_preinit(auth, passdbs[i], &auth->passdbs); - passdb_count++; - last_passdb = i; - } - if (passdb_count != 0 && passdbs[last_passdb]->pass) - i_fatal("Last passdb can't have pass=yes"); - - for (i = 0; i < db_count; i++) { - if (!passdbs[i]->master) - continue; - - if (passdbs[i]->deny) - i_fatal("Master passdb can't have deny=yes"); - if (passdbs[i]->pass && passdb_count == 0) { - i_fatal("Master passdb can't have pass=yes " - "if there are no passdbs"); - } - auth_passdb_preinit(auth, passdbs[i], &auth->masterdbs); - } - - if (array_is_created(&set->userdbs)) { - userdbs = array_get(&set->userdbs, &count); - for (i = 0; i < count; i++) - auth_userdb_preinit(auth, userdbs[i]); - } - - if (auth->userdbs == NULL) { - /* use a dummy userdb static. */ - auth_userdb_preinit(auth, &userdb_dummy_set); - } - return auth; -} - static bool auth_passdb_list_have_verify_plain(struct auth *auth) { struct auth_passdb *passdb; @@ -185,6 +125,67 @@ } } +static struct auth * +auth_preinit(const struct auth_settings *set, const char *service, pool_t pool, + const struct mechanisms_register *reg) +{ + struct auth_passdb_settings *const *passdbs; + struct auth_userdb_settings *const *userdbs; + struct auth *auth; + unsigned int i, count, db_count, passdb_count, last_passdb = 0; + + auth = p_new(pool, struct auth, 1); + auth->pool = pool; + auth->service = p_strdup(pool, service); + auth->set = set; + auth->reg = reg; + + if (array_is_created(&set->passdbs)) + passdbs = array_get(&set->passdbs, &db_count); + else { + passdbs = NULL; + db_count = 0; + } + + /* initialize passdbs first and count them */ + for (passdb_count = 0, i = 0; i < db_count; i++) { + if (passdbs[i]->master) + continue; + + auth_passdb_preinit(auth, passdbs[i], &auth->passdbs); + passdb_count++; + last_passdb = i; + } + if (passdb_count != 0 && passdbs[last_passdb]->pass) + i_fatal("Last passdb can't have pass=yes"); + + for (i = 0; i < db_count; i++) { + if (!passdbs[i]->master) + continue; + + if (passdbs[i]->deny) + i_fatal("Master passdb can't have deny=yes"); + if (passdbs[i]->pass && passdb_count == 0) { + i_fatal("Master passdb can't have pass=yes " + "if there are no passdbs"); + } + auth_passdb_preinit(auth, passdbs[i], &auth->masterdbs); + } + + if (array_is_created(&set->userdbs)) { + userdbs = array_get(&set->userdbs, &count); + for (i = 0; i < count; i++) + auth_userdb_preinit(auth, userdbs[i]); + } + + if (auth->userdbs == NULL) { + /* use a dummy userdb static. */ + auth_userdb_preinit(auth, &userdb_dummy_set); + } + auth_mech_list_verify_passdb(auth); + return auth; +} + static void auth_init(struct auth *auth) { struct auth_passdb *passdb; @@ -196,8 +197,6 @@ passdb_init(passdb->passdb); for (userdb = auth->userdbs; userdb != NULL; userdb = userdb->next) userdb_init(userdb->userdb); - - auth_mech_list_verify_passdb(auth); } static void auth_deinit(struct auth *auth) diff -r 6b62d786fdc4 -r ffb2993c99cf src/auth/passdb-passwd.c --- a/src/auth/passdb-passwd.c Sat Nov 19 23:28:18 2011 +0200 +++ b/src/auth/passdb-passwd.c Sat Nov 19 23:41:17 2011 +0200 @@ -61,16 +61,21 @@ callback(PASSDB_RESULT_OK, request); } -static void passwd_init(struct passdb_module *module) +static struct passdb_module * +passwd_preinit(pool_t pool, const char *args) { + struct passdb_module *module; + + module = p_new(pool, struct passdb_module, 1); module->blocking = TRUE; - if (strcmp(module->args, "blocking=no") == 0) + if (strcmp(args, "blocking=no") == 0) module->blocking = FALSE; - else if (*module->args != '\0') - i_fatal("passdb passwd: Unknown setting: %s", module->args); + else if (*args != '\0') + i_fatal("passdb passwd: Unknown setting: %s", args); module->cache_key = PASSWD_CACHE_KEY; module->default_pass_scheme = PASSWD_PASS_SCHEME; + return module; } static void passwd_deinit(struct passdb_module *module ATTR_UNUSED) @@ -81,8 +86,8 @@ struct passdb_module_interface passdb_passwd = { "passwd", + passwd_preinit, NULL, - passwd_init, passwd_deinit, passwd_verify_plain, diff -r 6b62d786fdc4 -r ffb2993c99cf src/auth/passdb-shadow.c --- a/src/auth/passdb-shadow.c Sat Nov 19 23:28:18 2011 +0200 +++ b/src/auth/passdb-shadow.c Sat Nov 19 23:41:17 2011 +0200 @@ -57,16 +57,21 @@ callback(PASSDB_RESULT_OK, request); } -static void shadow_init(struct passdb_module *module) +static struct passdb_module * +shadow_preinit(pool_t pool, const char *args) { + struct passdb_module *module; + + module = p_new(pool, struct passdb_module, 1); module->blocking = TRUE; - if (strcmp(module->args, "blocking=no") == 0) + if (strcmp(args, "blocking=no") == 0) module->blocking = FALSE; - else if (*module->args != '\0') - i_fatal("passdb shadow: Unknown setting: %s", module->args); + else if (*args != '\0') + i_fatal("passdb shadow: Unknown setting: %s", args); module->cache_key = SHADOW_CACHE_KEY; module->default_pass_scheme = SHADOW_PASS_SCHEME; + return module; } static void shadow_deinit(struct passdb_module *module ATTR_UNUSED) @@ -77,8 +82,8 @@ struct passdb_module_interface passdb_shadow = { "shadow", + shadow_preinit, NULL, - shadow_init, shadow_deinit, shadow_verify_plain, From dovecot at dovecot.org Sat Nov 19 23:42:16 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 19 Nov 2011 23:42:16 +0200 Subject: dovecot-2.1: auth: Handle auth worker creation failure without k... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/6b62d786fdc4 changeset: 13736:6b62d786fdc4 user: Timo Sirainen date: Sat Nov 19 23:28:18 2011 +0200 description: auth: Handle auth worker creation failure without killing the whole auth process. diffstat: src/auth/auth-worker-server.c | 8 +++++--- 1 files changed, 5 insertions(+), 3 deletions(-) diffs (29 lines): diff -r 6e87e399ccd7 -r 6b62d786fdc4 src/auth/auth-worker-server.c --- a/src/auth/auth-worker-server.c Sat Nov 19 23:15:19 2011 +0200 +++ b/src/auth/auth-worker-server.c Sat Nov 19 23:28:18 2011 +0200 @@ -155,12 +155,13 @@ fd = net_connect_unix_with_retries(worker_socket_path, 5000); if (fd == -1) { if (errno == EACCES) { - i_fatal("%s", eacces_error_get("net_connect_unix", + i_error("%s", eacces_error_get("net_connect_unix", worker_socket_path)); } else { - i_fatal("net_connect_unix(%s) failed: %m", + i_error("net_connect_unix(%s) failed: %m", worker_socket_path); } + return NULL; } conn = i_new(struct auth_worker_connection, 1); @@ -217,7 +218,8 @@ if (idle_count == 0 && restart) { conn = auth_worker_create(); - auth_worker_request_send_next(conn); + if (conn != NULL) + auth_worker_request_send_next(conn); } } From dovecot at dovecot.org Sat Nov 19 23:42:16 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 19 Nov 2011 23:42:16 +0200 Subject: dovecot-2.1: director: Moved all i_fatal()s to preinit stage. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/5ce2123d24ed changeset: 13738:5ce2123d24ed user: Timo Sirainen date: Sat Nov 19 23:41:50 2011 +0200 description: director: Moved all i_fatal()s to preinit stage. This avoids a wrongly configured director process from rapidly respawning. diffstat: src/director/main.c | 10 +++++----- 1 files changed, 5 insertions(+), 5 deletions(-) diffs (33 lines): diff -r ffb2993c99cf -r 5ce2123d24ed src/director/main.c --- a/src/director/main.c Sat Nov 19 23:41:17 2011 +0200 +++ b/src/director/main.c Sat Nov 19 23:41:50 2011 +0200 @@ -140,12 +140,15 @@ timeout_remove(&dir->to_request); } -static void main_init(void) +static void main_preinit(void) { const struct director_settings *set; struct ip_addr listen_ip; unsigned int listen_port; + restrict_access_by_env(NULL, FALSE); + restrict_access_allow_coredumps(TRUE); + set = master_service_settings_get_others(master_service)[0]; auth_socket_path = i_strconcat(set->base_dir, @@ -215,11 +218,8 @@ master_service_init_log(master_service, "director: "); - restrict_access_by_env(NULL, FALSE); - restrict_access_allow_coredumps(TRUE); + main_preinit(); master_service_init_finish(master_service); - - main_init(); director->test_port = test_port; director->debug = debug; director_connect(director); From dovecot at dovecot.org Sat Nov 19 23:42:16 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Sat, 19 Nov 2011 23:42:16 +0200 Subject: dovecot-2.1: login: Moved all i_fatal()s to preinit stage. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/1827699b8156 changeset: 13739:1827699b8156 user: Timo Sirainen date: Sat Nov 19 23:42:05 2011 +0200 description: login: Moved all i_fatal()s to preinit stage. This avoids a wrongly configured login process from rapidly respawning. diffstat: src/login-common/main.c | 12 ++++++------ 1 files changed, 6 insertions(+), 6 deletions(-) diffs (29 lines): diff -r 5ce2123d24ed -r 1827699b8156 src/login-common/main.c --- a/src/login-common/main.c Sat Nov 19 23:41:50 2011 +0200 +++ b/src/login-common/main.c Sat Nov 19 23:42:05 2011 +0200 @@ -290,12 +290,6 @@ if (allow_core_dumps) restrict_access_allow_coredumps(TRUE); initial_service_count = master_service_get_service_count(master_service); -} - -static void main_init(const char *login_socket) -{ - /* make sure we can't fork() */ - restrict_process_count(1); if (restrict_access_get_current_chroot() == NULL) { if (chdir("login") < 0) @@ -308,6 +302,12 @@ login_rawlog_dir); login_rawlog_dir = NULL; } +} + +static void main_init(const char *login_socket) +{ + /* make sure we can't fork() */ + restrict_process_count(1); master_service_set_avail_overflow_callback(master_service, client_destroy_oldest); From dovecot at dovecot.org Mon Nov 21 22:43:28 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Mon, 21 Nov 2011 22:43:28 +0200 Subject: dovecot-2.1: dbox: Removed unused message type from header. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/c89dec41ad69 changeset: 13740:c89dec41ad69 user: Timo Sirainen date: Mon Nov 21 22:43:19 2011 +0200 description: dbox: Removed unused message type from header. diffstat: src/lib-storage/index/dbox-common/dbox-file.h | 5 +---- 1 files changed, 1 insertions(+), 4 deletions(-) diffs (15 lines): diff -r 1827699b8156 -r c89dec41ad69 src/lib-storage/index/dbox-common/dbox-file.h --- a/src/lib-storage/index/dbox-common/dbox-file.h Sat Nov 19 23:42:05 2011 +0200 +++ b/src/lib-storage/index/dbox-common/dbox-file.h Mon Nov 21 22:43:19 2011 +0200 @@ -70,10 +70,7 @@ enum dbox_message_type { /* Normal message */ - DBOX_MESSAGE_TYPE_NORMAL = 'N', - /* Parts of the message exists outside the following data. - See the metadata for how to find them. */ - DBOX_MESSAGE_TYPE_EXT_REFS = 'E' + DBOX_MESSAGE_TYPE_NORMAL = 'N' }; struct dbox_message_header { From dovecot at dovecot.org Mon Nov 21 23:28:26 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Mon, 21 Nov 2011 23:28:26 +0200 Subject: dovecot-2.1: dbox: Compiler warning fix if trying to include dbo... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/4411f7434d19 changeset: 13742:4411f7434d19 user: Timo Sirainen date: Mon Nov 21 23:26:41 2011 +0200 description: dbox: Compiler warning fix if trying to include dbox-file.h directly. diffstat: src/lib-storage/index/dbox-common/dbox-file.h | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (11 lines): diff -r 38846458ef78 -r 4411f7434d19 src/lib-storage/index/dbox-common/dbox-file.h --- a/src/lib-storage/index/dbox-common/dbox-file.h Mon Nov 21 23:26:18 2011 +0200 +++ b/src/lib-storage/index/dbox-common/dbox-file.h Mon Nov 21 23:26:41 2011 +0200 @@ -27,6 +27,7 @@ #endif struct dbox_file; +struct stat; enum dbox_header_key { /* Must be sizeof(struct dbox_message_header) when appending (hex) */ From dovecot at dovecot.org Mon Nov 21 23:28:26 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Mon, 21 Nov 2011 23:28:26 +0200 Subject: dovecot-2.1: hex2dec(): Allow data to contain also lowercase hex... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/38846458ef78 changeset: 13741:38846458ef78 user: Timo Sirainen date: Mon Nov 21 23:26:18 2011 +0200 description: hex2dec(): Allow data to contain also lowercase hex characters. diffstat: src/lib/hex-dec.c | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diffs (12 lines): diff -r c89dec41ad69 -r 38846458ef78 src/lib/hex-dec.c --- a/src/lib/hex-dec.c Mon Nov 21 22:43:19 2011 +0200 +++ b/src/lib/hex-dec.c Mon Nov 21 23:26:18 2011 +0200 @@ -28,6 +28,8 @@ value += data[i]-'0'; else if (data[i] >= 'A' && data[i] <= 'F') value += data[i]-'A' + 10; + else if (data[i] >= 'a' && data[i] <= 'f') + value += data[i]-'a' + 10; else return 0; } From dovecot at dovecot.org Mon Nov 21 23:28:26 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Mon, 21 Nov 2011 23:28:26 +0200 Subject: dovecot-2.1: doveadm dump: Added support for dumping dbox header... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/5bc3ea6ebbed changeset: 13743:5bc3ea6ebbed user: Timo Sirainen date: Mon Nov 21 23:26:46 2011 +0200 description: doveadm dump: Added support for dumping dbox headers/metadata. diffstat: src/doveadm/Makefile.am | 1 + src/doveadm/doveadm-dump-dbox.c | 228 ++++++++++++++++++++++++++++++++++++++++ src/doveadm/doveadm-dump.c | 1 + src/doveadm/doveadm-dump.h | 1 + 4 files changed, 231 insertions(+), 0 deletions(-) diffs (265 lines): diff -r 4411f7434d19 -r 5bc3ea6ebbed src/doveadm/Makefile.am --- a/src/doveadm/Makefile.am Mon Nov 21 23:26:41 2011 +0200 +++ b/src/doveadm/Makefile.am Mon Nov 21 23:26:46 2011 +0200 @@ -82,6 +82,7 @@ doveadm-auth.c \ doveadm-director.c \ doveadm-dump.c \ + doveadm-dump-dbox.c \ doveadm-dump-index.c \ doveadm-dump-log.c \ doveadm-dump-mailboxlog.c \ diff -r 4411f7434d19 -r 5bc3ea6ebbed src/doveadm/doveadm-dump-dbox.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/doveadm/doveadm-dump-dbox.c Mon Nov 21 23:26:46 2011 +0200 @@ -0,0 +1,228 @@ +/* Copyright (c) 2011 Dovecot authors, see the included COPYING file */ + +#include "lib.h" +#include "hex-dec.h" +#include "istream.h" +#include "index/dbox-common/dbox-file.h" +#include "doveadm-dump.h" + +#include +#include +#include + +static void +dump_timestamp(struct istream *input, const char *name, const char *value) +{ + time_t t; + + if (strcmp(value, "0") == 0) + t = 0; + else { + t = hex2dec((const void *)value, strlen(value)); + if (t == 0) { + i_fatal("Invalid %s at %"PRIuUOFF_T": %s", + name, input->v_offset, value); + } + } + printf("%s = %ld (%s)\n", name, (long)t, unixdate2str(t)); +} + +static uoff_t +dump_size(struct istream *input, const char *name, const char *value) +{ + uoff_t size; + + if (strcmp(value, "0") == 0) + size = 0; + else { + size = hex2dec((const void *)value, strlen(value)); + if (size == 0) { + i_fatal("Invalid %s at %"PRIuUOFF_T": %s", + name, input->v_offset, value); + } + } + printf("%s = %"PRIuUOFF_T"\n", name, size); + return size; +} + +static unsigned int dump_file_hdr(struct istream *input) +{ + const char *line, *const *arg, *version; + unsigned int msg_hdr_size = 0; + + if ((line = i_stream_read_next_line(input)) == NULL) + i_fatal("Empty file"); + arg = t_strsplit(line, " "); + + /* check version */ + version = *arg; + if (version == NULL || !str_is_numeric(version, ' ')) + i_fatal("%s is not a dbox file", i_stream_get_name(input)); + if (strcmp(version, "2") != 0) + i_fatal("Unsupported dbox file version %s", version); + arg++; + + for (; *arg != NULL; arg++) { + switch (**arg) { + case DBOX_HEADER_MSG_HEADER_SIZE: + msg_hdr_size = hex2dec((const void *)(*arg + 1), + strlen(*arg + 1)); + if (msg_hdr_size == 0) { + i_fatal("Invalid msg_header_size header: %s", + *arg + 1); + } + printf("file.msg_header_size = %u\n", msg_hdr_size); + break; + case DBOX_HEADER_CREATE_STAMP: + dump_timestamp(input, "file.create_stamp", *arg + 1); + break; + default: + printf("file.unknown-%c = %s\n", **arg, *arg + 1); + break; + } + } + if (msg_hdr_size == 0) + i_fatal("Missing msg_header_size in file header"); + return msg_hdr_size; +} + +static bool +dump_msg_hdr(struct istream *input, unsigned int hdr_size, uoff_t *msg_size_r) +{ + struct dbox_message_header hdr; + const unsigned char *data; + size_t size; + uoff_t msg_size; + + if (i_stream_read_data(input, &data, &size, hdr_size-1) <= 0) { + if (size == 0) + return FALSE; + i_fatal("Partial message header read at %"PRIuUOFF_T": " + "%"PRIuSIZE_T" bytes", input->v_offset, size); + } + printf("offset %"PRIuUOFF_T":\n", input->v_offset); + + if (hdr_size < sizeof(hdr)) + i_fatal("file.hdr_size too small: %u", hdr_size); + memcpy(&hdr, data, sizeof(hdr)); + + if (memcmp(hdr.magic_pre, DBOX_MAGIC_PRE, sizeof(hdr.magic_pre)) != 0) + i_fatal("dbox wrong pre-magic at %"PRIuUOFF_T, input->v_offset); + + msg_size = dump_size(input, "msg.size", + t_strndup(hdr.message_size_hex, sizeof(hdr.message_size_hex))); + + i_stream_skip(input, hdr_size); + *msg_size_r = msg_size; + return TRUE; +} + +static void dump_msg_metadata(struct istream *input) +{ + struct dbox_metadata_header hdr; + const unsigned char *data; + size_t size; + const char *line; + + /* verify magic */ + if (i_stream_read_data(input, &data, &size, sizeof(hdr)-1) <= 0) { + i_fatal("dbox missing metadata at %"PRIuUOFF_T, + input->v_offset); + } + memcpy(&hdr, data, sizeof(hdr)); + if (memcmp(hdr.magic_post, DBOX_MAGIC_POST, sizeof(hdr.magic_post)) != 0) + i_fatal("dbox wrong post-magic at %"PRIuUOFF_T, input->v_offset); + i_stream_skip(input, sizeof(hdr)); + + /* dump the metadata */ + for (;;) { + if ((line = i_stream_read_next_line(input)) == NULL) + i_fatal("dbox metadata ended unexpectedly at EOF"); + if (*line == '\0') + break; + + switch (*line) { + case DBOX_METADATA_GUID: + printf("msg.guid = %s\n", line + 1); + break; + case DBOX_METADATA_POP3_UIDL: + printf("msg.pop3-uidl = %s\n", line + 1); + break; + case DBOX_METADATA_RECEIVED_TIME: + dump_timestamp(input, "msg.received", line + 1); + break; + case DBOX_METADATA_PHYSICAL_SIZE: + dump_size(input, "msg.physical-size", line + 1); + break; + case DBOX_METADATA_VIRTUAL_SIZE: + dump_size(input, "msg.virtual-size", line + 1); + break; + case DBOX_METADATA_EXT_REF: + printf("msg.ext-ref = %s\n", line + 1); + break; + case DBOX_METADATA_ORIG_MAILBOX: + printf("msg.orig-mailbox = %s\n", line + 1); + break; + + case DBOX_METADATA_OLDV1_EXPUNGED: + case DBOX_METADATA_OLDV1_FLAGS: + case DBOX_METADATA_OLDV1_KEYWORDS: + case DBOX_METADATA_OLDV1_SAVE_TIME: + case DBOX_METADATA_OLDV1_SPACE: + printf("msg.obsolete-%c = %s\n", *line, line + 1); + break; + } + } +} + +static bool dump_msg(struct istream *input, unsigned int hdr_size) +{ + uoff_t msg_size; + + if (!dump_msg_hdr(input, hdr_size, &msg_size)) + return FALSE; + i_stream_skip(input, msg_size); + dump_msg_metadata(input); + return TRUE; +} + +static void cmd_dump_dbox(int argc ATTR_UNUSED, char *argv[]) +{ + struct istream *input; + int fd; + unsigned int hdr_size; + bool ret; + + fd = open(argv[1], O_RDONLY); + if (fd < 0) + i_fatal("open(%s) failed: %m", argv[1]); + + input = i_stream_create_fd(fd, (size_t)-1, TRUE); + i_stream_set_name(input, argv[1]); + hdr_size = dump_file_hdr(input); + do { + printf("\n"); + T_BEGIN { + ret = dump_msg(input, hdr_size); + } T_END; + } while (ret); + i_stream_destroy(&input); +} + +static bool test_dump_dbox(const char *path) +{ + const char *p; + + p = strrchr(path, '/'); + if (p == NULL) + p = path; + else + p++; + return strncmp(p, "m.", 2) == 0 || strncmp(p, "u.", 2) == 0; +} + +struct doveadm_cmd_dump doveadm_cmd_dump_dbox = { + "dbox", + test_dump_dbox, + cmd_dump_dbox +}; diff -r 4411f7434d19 -r 5bc3ea6ebbed src/doveadm/doveadm-dump.c --- a/src/doveadm/doveadm-dump.c Mon Nov 21 23:26:41 2011 +0200 +++ b/src/doveadm/doveadm-dump.c Mon Nov 21 23:26:46 2011 +0200 @@ -79,6 +79,7 @@ }; static const struct doveadm_cmd_dump *dumps_builtin[] = { + &doveadm_cmd_dump_dbox, &doveadm_cmd_dump_index, &doveadm_cmd_dump_log, &doveadm_cmd_dump_mailboxlog, diff -r 4411f7434d19 -r 5bc3ea6ebbed src/doveadm/doveadm-dump.h --- a/src/doveadm/doveadm-dump.h Mon Nov 21 23:26:41 2011 +0200 +++ b/src/doveadm/doveadm-dump.h Mon Nov 21 23:26:46 2011 +0200 @@ -9,6 +9,7 @@ doveadm_command_t *cmd; }; +extern struct doveadm_cmd_dump doveadm_cmd_dump_dbox; extern struct doveadm_cmd_dump doveadm_cmd_dump_index; extern struct doveadm_cmd_dump doveadm_cmd_dump_log; extern struct doveadm_cmd_dump doveadm_cmd_dump_mailboxlog; From dovecot at dovecot.org Mon Nov 21 23:28:33 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Mon, 21 Nov 2011 23:28:33 +0200 Subject: dovecot-2.0: hex2dec(): Allow data to contain also lowercase hex... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/719f39116494 changeset: 12987:719f39116494 user: Timo Sirainen date: Mon Nov 21 23:26:18 2011 +0200 description: hex2dec(): Allow data to contain also lowercase hex characters. diffstat: src/lib/hex-dec.c | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diffs (12 lines): diff -r a28757b3f97a -r 719f39116494 src/lib/hex-dec.c --- a/src/lib/hex-dec.c Fri Nov 18 22:07:16 2011 +0200 +++ b/src/lib/hex-dec.c Mon Nov 21 23:26:18 2011 +0200 @@ -28,6 +28,8 @@ value += data[i]-'0'; else if (data[i] >= 'A' && data[i] <= 'F') value += data[i]-'A' + 10; + else if (data[i] >= 'a' && data[i] <= 'f') + value += data[i]-'a' + 10; else return 0; } From dovecot at dovecot.org Mon Nov 21 23:28:33 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Mon, 21 Nov 2011 23:28:33 +0200 Subject: dovecot-2.0: dbox: Compiler warning fix if trying to include dbo... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/aba065995389 changeset: 12988:aba065995389 user: Timo Sirainen date: Mon Nov 21 23:26:41 2011 +0200 description: dbox: Compiler warning fix if trying to include dbox-file.h directly. diffstat: src/lib-storage/index/dbox-common/dbox-file.h | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (11 lines): diff -r 719f39116494 -r aba065995389 src/lib-storage/index/dbox-common/dbox-file.h --- a/src/lib-storage/index/dbox-common/dbox-file.h Mon Nov 21 23:26:18 2011 +0200 +++ b/src/lib-storage/index/dbox-common/dbox-file.h Mon Nov 21 23:26:41 2011 +0200 @@ -27,6 +27,7 @@ #endif struct dbox_file; +struct stat; enum dbox_header_key { /* Must be sizeof(struct dbox_message_header) when appending (hex) */ From dovecot at dovecot.org Mon Nov 21 23:28:33 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Mon, 21 Nov 2011 23:28:33 +0200 Subject: dovecot-2.0: doveadm dump: Added support for dumping dbox header... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/f02465f112aa changeset: 12989:f02465f112aa user: Timo Sirainen date: Mon Nov 21 23:26:46 2011 +0200 description: doveadm dump: Added support for dumping dbox headers/metadata. diffstat: src/doveadm/Makefile.am | 1 + src/doveadm/doveadm-dump-dbox.c | 228 ++++++++++++++++++++++++++++++++++++++++ src/doveadm/doveadm-dump.c | 1 + src/doveadm/doveadm-dump.h | 1 + 4 files changed, 231 insertions(+), 0 deletions(-) diffs (265 lines): diff -r aba065995389 -r f02465f112aa src/doveadm/Makefile.am --- a/src/doveadm/Makefile.am Mon Nov 21 23:26:41 2011 +0200 +++ b/src/doveadm/Makefile.am Mon Nov 21 23:26:46 2011 +0200 @@ -82,6 +82,7 @@ doveadm-auth.c \ doveadm-director.c \ doveadm-dump.c \ + doveadm-dump-dbox.c \ doveadm-dump-index.c \ doveadm-dump-log.c \ doveadm-dump-mailboxlog.c \ diff -r aba065995389 -r f02465f112aa src/doveadm/doveadm-dump-dbox.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/doveadm/doveadm-dump-dbox.c Mon Nov 21 23:26:46 2011 +0200 @@ -0,0 +1,228 @@ +/* Copyright (c) 2011 Dovecot authors, see the included COPYING file */ + +#include "lib.h" +#include "hex-dec.h" +#include "istream.h" +#include "index/dbox-common/dbox-file.h" +#include "doveadm-dump.h" + +#include +#include +#include + +static void +dump_timestamp(struct istream *input, const char *name, const char *value) +{ + time_t t; + + if (strcmp(value, "0") == 0) + t = 0; + else { + t = hex2dec((const void *)value, strlen(value)); + if (t == 0) { + i_fatal("Invalid %s at %"PRIuUOFF_T": %s", + name, input->v_offset, value); + } + } + printf("%s = %ld (%s)\n", name, (long)t, unixdate2str(t)); +} + +static uoff_t +dump_size(struct istream *input, const char *name, const char *value) +{ + uoff_t size; + + if (strcmp(value, "0") == 0) + size = 0; + else { + size = hex2dec((const void *)value, strlen(value)); + if (size == 0) { + i_fatal("Invalid %s at %"PRIuUOFF_T": %s", + name, input->v_offset, value); + } + } + printf("%s = %"PRIuUOFF_T"\n", name, size); + return size; +} + +static unsigned int dump_file_hdr(struct istream *input) +{ + const char *line, *const *arg, *version; + unsigned int msg_hdr_size = 0; + + if ((line = i_stream_read_next_line(input)) == NULL) + i_fatal("Empty file"); + arg = t_strsplit(line, " "); + + /* check version */ + version = *arg; + if (version == NULL || !str_is_numeric(version, ' ')) + i_fatal("%s is not a dbox file", i_stream_get_name(input)); + if (strcmp(version, "2") != 0) + i_fatal("Unsupported dbox file version %s", version); + arg++; + + for (; *arg != NULL; arg++) { + switch (**arg) { + case DBOX_HEADER_MSG_HEADER_SIZE: + msg_hdr_size = hex2dec((const void *)(*arg + 1), + strlen(*arg + 1)); + if (msg_hdr_size == 0) { + i_fatal("Invalid msg_header_size header: %s", + *arg + 1); + } + printf("file.msg_header_size = %u\n", msg_hdr_size); + break; + case DBOX_HEADER_CREATE_STAMP: + dump_timestamp(input, "file.create_stamp", *arg + 1); + break; + default: + printf("file.unknown-%c = %s\n", **arg, *arg + 1); + break; + } + } + if (msg_hdr_size == 0) + i_fatal("Missing msg_header_size in file header"); + return msg_hdr_size; +} + +static bool +dump_msg_hdr(struct istream *input, unsigned int hdr_size, uoff_t *msg_size_r) +{ + struct dbox_message_header hdr; + const unsigned char *data; + size_t size; + uoff_t msg_size; + + if (i_stream_read_data(input, &data, &size, hdr_size-1) <= 0) { + if (size == 0) + return FALSE; + i_fatal("Partial message header read at %"PRIuUOFF_T": " + "%"PRIuSIZE_T" bytes", input->v_offset, size); + } + printf("offset %"PRIuUOFF_T":\n", input->v_offset); + + if (hdr_size < sizeof(hdr)) + i_fatal("file.hdr_size too small: %u", hdr_size); + memcpy(&hdr, data, sizeof(hdr)); + + if (memcmp(hdr.magic_pre, DBOX_MAGIC_PRE, sizeof(hdr.magic_pre)) != 0) + i_fatal("dbox wrong pre-magic at %"PRIuUOFF_T, input->v_offset); + + msg_size = dump_size(input, "msg.size", + t_strndup(hdr.message_size_hex, sizeof(hdr.message_size_hex))); + + i_stream_skip(input, hdr_size); + *msg_size_r = msg_size; + return TRUE; +} + +static void dump_msg_metadata(struct istream *input) +{ + struct dbox_metadata_header hdr; + const unsigned char *data; + size_t size; + const char *line; + + /* verify magic */ + if (i_stream_read_data(input, &data, &size, sizeof(hdr)-1) <= 0) { + i_fatal("dbox missing metadata at %"PRIuUOFF_T, + input->v_offset); + } + memcpy(&hdr, data, sizeof(hdr)); + if (memcmp(hdr.magic_post, DBOX_MAGIC_POST, sizeof(hdr.magic_post)) != 0) + i_fatal("dbox wrong post-magic at %"PRIuUOFF_T, input->v_offset); + i_stream_skip(input, sizeof(hdr)); + + /* dump the metadata */ + for (;;) { + if ((line = i_stream_read_next_line(input)) == NULL) + i_fatal("dbox metadata ended unexpectedly at EOF"); + if (*line == '\0') + break; + + switch (*line) { + case DBOX_METADATA_GUID: + printf("msg.guid = %s\n", line + 1); + break; + case DBOX_METADATA_POP3_UIDL: + printf("msg.pop3-uidl = %s\n", line + 1); + break; + case DBOX_METADATA_RECEIVED_TIME: + dump_timestamp(input, "msg.received", line + 1); + break; + case DBOX_METADATA_PHYSICAL_SIZE: + dump_size(input, "msg.physical-size", line + 1); + break; + case DBOX_METADATA_VIRTUAL_SIZE: + dump_size(input, "msg.virtual-size", line + 1); + break; + case DBOX_METADATA_EXT_REF: + printf("msg.ext-ref = %s\n", line + 1); + break; + case DBOX_METADATA_ORIG_MAILBOX: + printf("msg.orig-mailbox = %s\n", line + 1); + break; + + case DBOX_METADATA_OLDV1_EXPUNGED: + case DBOX_METADATA_OLDV1_FLAGS: + case DBOX_METADATA_OLDV1_KEYWORDS: + case DBOX_METADATA_OLDV1_SAVE_TIME: + case DBOX_METADATA_OLDV1_SPACE: + printf("msg.obsolete-%c = %s\n", *line, line + 1); + break; + } + } +} + +static bool dump_msg(struct istream *input, unsigned int hdr_size) +{ + uoff_t msg_size; + + if (!dump_msg_hdr(input, hdr_size, &msg_size)) + return FALSE; + i_stream_skip(input, msg_size); + dump_msg_metadata(input); + return TRUE; +} + +static void cmd_dump_dbox(int argc ATTR_UNUSED, char *argv[]) +{ + struct istream *input; + int fd; + unsigned int hdr_size; + bool ret; + + fd = open(argv[1], O_RDONLY); + if (fd < 0) + i_fatal("open(%s) failed: %m", argv[1]); + + input = i_stream_create_fd(fd, (size_t)-1, TRUE); + i_stream_set_name(input, argv[1]); + hdr_size = dump_file_hdr(input); + do { + printf("\n"); + T_BEGIN { + ret = dump_msg(input, hdr_size); + } T_END; + } while (ret); + i_stream_destroy(&input); +} + +static bool test_dump_dbox(const char *path) +{ + const char *p; + + p = strrchr(path, '/'); + if (p == NULL) + p = path; + else + p++; + return strncmp(p, "m.", 2) == 0 || strncmp(p, "u.", 2) == 0; +} + +struct doveadm_cmd_dump doveadm_cmd_dump_dbox = { + "dbox", + test_dump_dbox, + cmd_dump_dbox +}; diff -r aba065995389 -r f02465f112aa src/doveadm/doveadm-dump.c --- a/src/doveadm/doveadm-dump.c Mon Nov 21 23:26:41 2011 +0200 +++ b/src/doveadm/doveadm-dump.c Mon Nov 21 23:26:46 2011 +0200 @@ -79,6 +79,7 @@ }; static const struct doveadm_cmd_dump *dumps_builtin[] = { + &doveadm_cmd_dump_dbox, &doveadm_cmd_dump_index, &doveadm_cmd_dump_log, &doveadm_cmd_dump_mailboxlog, diff -r aba065995389 -r f02465f112aa src/doveadm/doveadm-dump.h --- a/src/doveadm/doveadm-dump.h Mon Nov 21 23:26:41 2011 +0200 +++ b/src/doveadm/doveadm-dump.h Mon Nov 21 23:26:46 2011 +0200 @@ -9,6 +9,7 @@ doveadm_command_t *cmd; }; +extern struct doveadm_cmd_dump doveadm_cmd_dump_dbox; extern struct doveadm_cmd_dump doveadm_cmd_dump_index; extern struct doveadm_cmd_dump doveadm_cmd_dump_log; extern struct doveadm_cmd_dump doveadm_cmd_dump_mailboxlog; From dovecot at dovecot.org Tue Nov 22 00:12:30 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 22 Nov 2011 00:12:30 +0200 Subject: dovecot-2.0: mdbox: Don't assert-crash when having to open mail ... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/26f503adf42d changeset: 12990:26f503adf42d user: Timo Sirainen date: Tue Nov 22 00:12:17 2011 +0200 description: mdbox: Don't assert-crash when having to open mail file during specific copying situations. diffstat: src/lib-storage/index/dbox-multi/mdbox-save.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diffs (12 lines): diff -r f02465f112aa -r 26f503adf42d src/lib-storage/index/dbox-multi/mdbox-save.c --- a/src/lib-storage/index/dbox-multi/mdbox-save.c Mon Nov 21 23:26:46 2011 +0200 +++ b/src/lib-storage/index/dbox-multi/mdbox-save.c Tue Nov 22 00:12:17 2011 +0200 @@ -58,7 +58,7 @@ rec = data; if (mdbox_map_lookup(ctx->mbox->storage->map, rec->map_uid, - &file_id, offset_r) <= 0) + &file_id, offset_r) < 0) i_unreached(); return mdbox_file_init(ctx->mbox->storage, file_id); From dovecot at dovecot.org Tue Nov 22 00:12:58 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 22 Nov 2011 00:12:58 +0200 Subject: dovecot-2.1: mdbox: Don't assert-crash when having to open mail ... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/8132fb8ee3eb changeset: 13744:8132fb8ee3eb user: Timo Sirainen date: Tue Nov 22 00:12:53 2011 +0200 description: mdbox: Don't assert-crash when having to open mail file during specific copying situations. diffstat: src/lib-storage/index/dbox-multi/mdbox-save.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diffs (12 lines): diff -r 5bc3ea6ebbed -r 8132fb8ee3eb src/lib-storage/index/dbox-multi/mdbox-save.c --- a/src/lib-storage/index/dbox-multi/mdbox-save.c Mon Nov 21 23:26:46 2011 +0200 +++ b/src/lib-storage/index/dbox-multi/mdbox-save.c Tue Nov 22 00:12:53 2011 +0200 @@ -58,7 +58,7 @@ rec = data; if (mdbox_map_lookup(ctx->mbox->storage->map, rec->map_uid, - &file_id, offset_r) <= 0) + &file_id, offset_r) < 0) i_unreached(); return mdbox_file_init(ctx->mbox->storage, file_id); From dovecot at dovecot.org Tue Nov 22 11:28:45 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 22 Nov 2011 11:28:45 +0200 Subject: dovecot-2.1: imapc: Crashfix after having idled for 29 mins with... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/da07002ca0d4 changeset: 13745:da07002ca0d4 user: Timo Sirainen date: Tue Nov 22 11:28:33 2011 +0200 description: imapc: Crashfix after having idled for 29 mins without IDLE. diffstat: src/lib-imap-client/imapc-connection.c | 8 +++++++- 1 files changed, 7 insertions(+), 1 deletions(-) diffs (25 lines): diff -r 8132fb8ee3eb -r da07002ca0d4 src/lib-imap-client/imapc-connection.c --- a/src/lib-imap-client/imapc-connection.c Tue Nov 22 00:12:53 2011 +0200 +++ b/src/lib-imap-client/imapc-connection.c Tue Nov 22 11:28:33 2011 +0200 @@ -1248,6 +1248,12 @@ } static void +imapc_noop_callback(const struct imapc_command_reply *reply ATTR_UNUSED, + void *context ATTR_UNUSED) +{ +} + +static void imapc_reidle_callback(const struct imapc_command_reply *reply ATTR_UNUSED, void *context) { @@ -1261,7 +1267,7 @@ struct imapc_command *cmd; if (!conn->idling) - cmd = imapc_connection_cmd(conn, NULL, NULL); + cmd = imapc_connection_cmd(conn, imapc_noop_callback, NULL); else cmd = imapc_connection_cmd(conn, imapc_reidle_callback, conn); imapc_command_send(cmd, "NOOP"); From dovecot at dovecot.org Tue Nov 22 11:29:21 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Tue, 22 Nov 2011 11:29:21 +0200 Subject: dovecot-2.1: imapc: Added assert to make sure callback is never ... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/3501e62284dc changeset: 13746:3501e62284dc user: Timo Sirainen date: Tue Nov 22 11:29:17 2011 +0200 description: imapc: Added assert to make sure callback is never NULL. diffstat: src/lib-imap-client/imapc-connection.c | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diffs (12 lines): diff -r da07002ca0d4 -r 3501e62284dc src/lib-imap-client/imapc-connection.c --- a/src/lib-imap-client/imapc-connection.c Tue Nov 22 11:28:33 2011 +0200 +++ b/src/lib-imap-client/imapc-connection.c Tue Nov 22 11:29:17 2011 +0200 @@ -1394,6 +1394,8 @@ struct imapc_command *cmd; pool_t pool; + i_assert(callback != NULL); + pool = pool_alloconly_create("imapc command", 2048); cmd = p_new(pool, struct imapc_command, 1); cmd->pool = pool; From dovecot at dovecot.org Wed Nov 23 01:00:33 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 23 Nov 2011 01:00:33 +0200 Subject: dovecot-2.1: Compiling fix for non-gcc. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/1cdd39d11ce4 changeset: 13747:1cdd39d11ce4 user: Timo Sirainen date: Wed Nov 23 01:00:10 2011 +0200 description: Compiling fix for non-gcc. diffstat: src/lib-imap-client/imapc-connection.c | 5 ++++- 1 files changed, 4 insertions(+), 1 deletions(-) diffs (19 lines): diff -r 3501e62284dc -r 1cdd39d11ce4 src/lib-imap-client/imapc-connection.c --- a/src/lib-imap-client/imapc-connection.c Tue Nov 22 11:29:17 2011 +0200 +++ b/src/lib-imap-client/imapc-connection.c Wed Nov 23 01:00:10 2011 +0200 @@ -1447,11 +1447,14 @@ static void imapc_command_send_finished(struct imapc_connection *conn, struct imapc_command *cmd) { + struct imapc_command *const *cmdp; + if (cmd->idle) conn->idle_plus_waiting = TRUE; /* everything sent. move command to wait list. */ - i_assert(*array_idx(&conn->cmd_send_queue, 0) == cmd); + cmdp = array_idx(&conn->cmd_send_queue, 0); + i_assert(*cmdp == cmd); array_delete(&conn->cmd_send_queue, 0, 1); array_append(&conn->cmd_wait_list, &cmd, 1); From dovecot at dovecot.org Wed Nov 23 16:58:22 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 23 Nov 2011 16:58:22 +0200 Subject: dovecot-2.1: Compile fixes. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/bfcd0bed5a9e changeset: 13748:bfcd0bed5a9e user: Timo Sirainen date: Wed Nov 23 16:58:10 2011 +0200 description: Compile fixes. diffstat: src/lib-imap-client/imapc-client.h | 2 +- src/lib-storage/index/imapc/imapc-storage.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diffs (24 lines): diff -r 1cdd39d11ce4 -r bfcd0bed5a9e src/lib-imap-client/imapc-client.h --- a/src/lib-imap-client/imapc-client.h Wed Nov 23 01:00:10 2011 +0200 +++ b/src/lib-imap-client/imapc-client.h Wed Nov 23 16:58:10 2011 +0200 @@ -17,7 +17,7 @@ IMAPC_CAPABILITY_AUTH_PLAIN = 0x20, IMAPC_CAPABILITY_STARTTLS = 0x40, - IMAPC_CAPABILITY_IMAP4REV1 = 0x400000000 + IMAPC_CAPABILITY_IMAP4REV1 = 0x40000000 }; struct imapc_capability_name { const char *name; diff -r 1cdd39d11ce4 -r bfcd0bed5a9e src/lib-storage/index/imapc/imapc-storage.c --- a/src/lib-storage/index/imapc/imapc-storage.c Wed Nov 23 01:00:10 2011 +0200 +++ b/src/lib-storage/index/imapc/imapc-storage.c Wed Nov 23 16:58:10 2011 +0200 @@ -497,7 +497,7 @@ if (mbox->to_idle_check != NULL) timeout_remove(&mbox->to_idle_check); imapc_mail_cache_free(&mbox->prev_mail_cache); - return index_storage_mailbox_close(box); + index_storage_mailbox_close(box); } static int From dovecot at dovecot.org Wed Nov 23 17:01:59 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 23 Nov 2011 17:01:59 +0200 Subject: dovecot-2.1: fts-lucene: Crashfix when compiled without stemmer. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/90ecb83a9ca7 changeset: 13749:90ecb83a9ca7 user: Timo Sirainen date: Wed Nov 23 17:01:51 2011 +0200 description: fts-lucene: Crashfix when compiled without stemmer. diffstat: src/plugins/fts-lucene/fts-lucene-plugin.c | 4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) diffs (14 lines): diff -r bfcd0bed5a9e -r 90ecb83a9ca7 src/plugins/fts-lucene/fts-lucene-plugin.c --- a/src/plugins/fts-lucene/fts-lucene-plugin.c Wed Nov 23 16:58:10 2011 +0200 +++ b/src/plugins/fts-lucene/fts-lucene-plugin.c Wed Nov 23 17:01:51 2011 +0200 @@ -67,7 +67,9 @@ { uint32_t crc; - crc = crc32_str(set->default_language); + /* checksum is always different when compiling with/without stemmer */ + crc = set->default_language == NULL ? 0 : + crc32_str(set->default_language); crc = crc32_str_more(crc, set->whitespace_chars); return crc; } From dovecot at dovecot.org Wed Nov 23 19:01:59 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 23 Nov 2011 19:01:59 +0200 Subject: dovecot-2.1: lib-index: Handle transaction log read errors separ... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/fb0ffce5a0ba changeset: 13750:fb0ffce5a0ba user: Timo Sirainen date: Wed Nov 23 19:01:28 2011 +0200 description: lib-index: Handle transaction log read errors separately from log corruption. diffstat: src/lib-index/mail-index-modseq.c | 4 ++-- src/lib-index/mail-index-sync.c | 17 ++++++++++++----- src/lib-index/mail-index-view-sync.c | 2 +- src/lib-index/mail-transaction-log.h | 4 ++-- 4 files changed, 17 insertions(+), 10 deletions(-) diffs (80 lines): diff -r 90ecb83a9ca7 -r fb0ffce5a0ba src/lib-index/mail-index-modseq.c --- a/src/lib-index/mail-index-modseq.c Wed Nov 23 17:01:51 2011 +0200 +++ b/src/lib-index/mail-index-modseq.c Wed Nov 23 19:01:28 2011 +0200 @@ -426,8 +426,8 @@ I_MAX(1, hdr->log_seq), hdr->log_offset, end_seq, end_offset, &reset); - if (ret == 0) { - /* missing files - try with only the last file */ + if (ret <= 0) { + /* missing files / error - try with only the last file */ ret = mail_transaction_log_view_set(ctx->log_view, end_seq, 0, end_seq, end_offset, &reset); diff -r 90ecb83a9ca7 -r fb0ffce5a0ba src/lib-index/mail-index-sync.c --- a/src/lib-index/mail-index-sync.c Wed Nov 23 17:01:51 2011 +0200 +++ b/src/lib-index/mail-index-sync.c Wed Nov 23 19:01:28 2011 +0200 @@ -315,15 +315,17 @@ ret = mail_transaction_log_view_set(view->log_view, start_file_seq, start_file_offset, log_seq, log_offset, &reset); - if (ret <= 0) { + if (ret < 0) + return -1; + if (ret == 0) { /* either corrupted or the file was deleted for some reason. either way, we can't go forward */ mail_index_set_error(view->index, "Unexpected transaction log desync with index %s", view->index->filepath); - return -1; + return 0; } - return 0; + return 1; } int mail_index_sync_begin(struct mail_index *index, @@ -468,8 +470,13 @@ /* we wish to see all the changes from last mailbox sync position to the end of the transaction log */ - if (mail_index_sync_set_log_view(ctx->view, hdr->log_file_seq, - hdr->log_file_tail_offset) < 0) { + ret = mail_index_sync_set_log_view(ctx->view, hdr->log_file_seq, + hdr->log_file_tail_offset); + if (ret < 0) { + mail_index_sync_rollback(&ctx); + return -1; + } + if (ret == 0) { /* if a log file is missing, there's nothing we can do except to skip over it. fix the problem with fsck and try again. */ mail_index_fsck_locked(index); diff -r 90ecb83a9ca7 -r fb0ffce5a0ba src/lib-index/mail-index-view-sync.c --- a/src/lib-index/mail-index-view-sync.c Wed Nov 23 17:01:51 2011 +0200 +++ b/src/lib-index/mail-index-view-sync.c Wed Nov 23 19:01:28 2011 +0200 @@ -500,7 +500,7 @@ view->map->hdr.log_file_head_offset; if (mail_transaction_log_view_set(view->log_view, seq, offset, - seq, offset, &reset) < 0) + seq, offset, &reset) <= 0) return -1; view->inconsistent = FALSE; return 0; diff -r 90ecb83a9ca7 -r fb0ffce5a0ba src/lib-index/mail-transaction-log.h --- a/src/lib-index/mail-transaction-log.h Wed Nov 23 17:01:51 2011 +0200 +++ b/src/lib-index/mail-transaction-log.h Wed Nov 23 19:01:28 2011 +0200 @@ -210,8 +210,8 @@ mail_transaction_log_view_open(struct mail_transaction_log *log); void mail_transaction_log_view_close(struct mail_transaction_log_view **view); -/* Set view boundaries. Returns -1 if error, 0 if files are lost, 1 if ok. - reset_r=TRUE if the whole index should be reset before applying any +/* Set view boundaries. Returns -1 if error, 0 if files are lost or corrupted, + 1 if ok. reset_r=TRUE if the whole index should be reset before applying any changes. */ int mail_transaction_log_view_set(struct mail_transaction_log_view *view, uint32_t min_file_seq, uoff_t min_file_offset, From dovecot at dovecot.org Wed Nov 23 19:04:22 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 23 Nov 2011 19:04:22 +0200 Subject: dovecot-2.1: file_cache_set_size(): Cleanup properly after mmap(... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/db51a627d726 changeset: 13751:db51a627d726 user: Timo Sirainen date: Wed Nov 23 19:04:15 2011 +0200 description: file_cache_set_size(): Cleanup properly after mmap() failure. diffstat: src/lib/file-cache.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (11 lines): diff -r fb0ffce5a0ba -r db51a627d726 src/lib/file-cache.c --- a/src/lib/file-cache.c Wed Nov 23 19:01:28 2011 +0200 +++ b/src/lib/file-cache.c Wed Nov 23 19:04:15 2011 +0200 @@ -70,6 +70,7 @@ cache->mmap_base = mmap_anon(size); if (cache->mmap_base == MAP_FAILED) { i_error("mmap_anon(%"PRIuUOFF_T") failed: %m", size); + cache->mmap_base = NULL; cache->mmap_length = 0; return -1; } From dovecot at dovecot.org Wed Nov 23 19:05:43 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 23 Nov 2011 19:05:43 +0200 Subject: dovecot-2.0: lib-index: Handle transaction log read errors separ... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/28544b4191f3 changeset: 12991:28544b4191f3 user: Timo Sirainen date: Wed Nov 23 19:01:28 2011 +0200 description: lib-index: Handle transaction log read errors separately from log corruption. diffstat: src/lib-index/mail-index-modseq.c | 4 ++-- src/lib-index/mail-index-sync.c | 17 ++++++++++++----- src/lib-index/mail-index-view-sync.c | 2 +- src/lib-index/mail-transaction-log.h | 4 ++-- 4 files changed, 17 insertions(+), 10 deletions(-) diffs (80 lines): diff -r 26f503adf42d -r 28544b4191f3 src/lib-index/mail-index-modseq.c --- a/src/lib-index/mail-index-modseq.c Tue Nov 22 00:12:17 2011 +0200 +++ b/src/lib-index/mail-index-modseq.c Wed Nov 23 19:01:28 2011 +0200 @@ -426,8 +426,8 @@ I_MAX(1, hdr->log_seq), hdr->log_offset, end_seq, end_offset, &reset); - if (ret == 0) { - /* missing files - try with only the last file */ + if (ret <= 0) { + /* missing files / error - try with only the last file */ ret = mail_transaction_log_view_set(ctx->log_view, end_seq, 0, end_seq, end_offset, &reset); diff -r 26f503adf42d -r 28544b4191f3 src/lib-index/mail-index-sync.c --- a/src/lib-index/mail-index-sync.c Tue Nov 22 00:12:17 2011 +0200 +++ b/src/lib-index/mail-index-sync.c Wed Nov 23 19:01:28 2011 +0200 @@ -315,15 +315,17 @@ ret = mail_transaction_log_view_set(view->log_view, start_file_seq, start_file_offset, log_seq, log_offset, &reset); - if (ret <= 0) { + if (ret < 0) + return -1; + if (ret == 0) { /* either corrupted or the file was deleted for some reason. either way, we can't go forward */ mail_index_set_error(view->index, "Unexpected transaction log desync with index %s", view->index->filepath); - return -1; + return 0; } - return 0; + return 1; } int mail_index_sync_begin(struct mail_index *index, @@ -461,8 +463,13 @@ /* we wish to see all the changes from last mailbox sync position to the end of the transaction log */ - if (mail_index_sync_set_log_view(ctx->view, hdr->log_file_seq, - hdr->log_file_tail_offset) < 0) { + ret = mail_index_sync_set_log_view(ctx->view, hdr->log_file_seq, + hdr->log_file_tail_offset); + if (ret < 0) { + mail_index_sync_rollback(&ctx); + return -1; + } + if (ret == 0) { /* if a log file is missing, there's nothing we can do except to skip over it. fix the problem with fsck and try again. */ mail_index_fsck_locked(index); diff -r 26f503adf42d -r 28544b4191f3 src/lib-index/mail-index-view-sync.c --- a/src/lib-index/mail-index-view-sync.c Tue Nov 22 00:12:17 2011 +0200 +++ b/src/lib-index/mail-index-view-sync.c Wed Nov 23 19:01:28 2011 +0200 @@ -500,7 +500,7 @@ view->map->hdr.log_file_head_offset; if (mail_transaction_log_view_set(view->log_view, seq, offset, - seq, offset, &reset) < 0) + seq, offset, &reset) <= 0) return -1; view->inconsistent = FALSE; return 0; diff -r 26f503adf42d -r 28544b4191f3 src/lib-index/mail-transaction-log.h --- a/src/lib-index/mail-transaction-log.h Tue Nov 22 00:12:17 2011 +0200 +++ b/src/lib-index/mail-transaction-log.h Wed Nov 23 19:01:28 2011 +0200 @@ -210,8 +210,8 @@ mail_transaction_log_view_open(struct mail_transaction_log *log); void mail_transaction_log_view_close(struct mail_transaction_log_view **view); -/* Set view boundaries. Returns -1 if error, 0 if files are lost, 1 if ok. - reset_r=TRUE if the whole index should be reset before applying any +/* Set view boundaries. Returns -1 if error, 0 if files are lost or corrupted, + 1 if ok. reset_r=TRUE if the whole index should be reset before applying any changes. */ int mail_transaction_log_view_set(struct mail_transaction_log_view *view, uint32_t min_file_seq, uoff_t min_file_offset, From dovecot at dovecot.org Wed Nov 23 19:05:43 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 23 Nov 2011 19:05:43 +0200 Subject: dovecot-2.0: file_cache_set_size(): Cleanup properly after mmap(... Message-ID: details: http://hg.dovecot.org/dovecot-2.0/rev/a8c2e04307c6 changeset: 12992:a8c2e04307c6 user: Timo Sirainen date: Wed Nov 23 19:04:15 2011 +0200 description: file_cache_set_size(): Cleanup properly after mmap() failure. diffstat: src/lib/file-cache.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (11 lines): diff -r 28544b4191f3 -r a8c2e04307c6 src/lib/file-cache.c --- a/src/lib/file-cache.c Wed Nov 23 19:01:28 2011 +0200 +++ b/src/lib/file-cache.c Wed Nov 23 19:04:15 2011 +0200 @@ -70,6 +70,7 @@ cache->mmap_base = mmap_anon(size); if (cache->mmap_base == MAP_FAILED) { i_error("mmap_anon(%"PRIuUOFF_T") failed: %m", size); + cache->mmap_base = NULL; cache->mmap_length = 0; return -1; } From dovecot at dovecot.org Wed Nov 23 19:10:49 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 23 Nov 2011 19:10:49 +0200 Subject: dovecot-2.1: lib-index: Make sure we never go to infinite loop i... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/b9c4a7e4a27f changeset: 13752:b9c4a7e4a27f user: Timo Sirainen date: Wed Nov 23 19:10:34 2011 +0200 description: lib-index: Make sure we never go to infinite loop if fsck can't fix syncing problem. diffstat: src/lib-index/mail-index-sync.c | 41 ++++++++++++++++++++++++++++++++--------- 1 files changed, 32 insertions(+), 9 deletions(-) diffs (72 lines): diff -r db51a627d726 -r b9c4a7e4a27f src/lib-index/mail-index-sync.c --- a/src/lib-index/mail-index-sync.c Wed Nov 23 19:04:15 2011 +0200 +++ b/src/lib-index/mail-index-sync.c Wed Nov 23 19:10:34 2011 +0200 @@ -421,12 +421,13 @@ return 1; } -int mail_index_sync_begin_to(struct mail_index *index, - struct mail_index_sync_ctx **ctx_r, - struct mail_index_view **view_r, - struct mail_index_transaction **trans_r, - uint32_t log_file_seq, uoff_t log_file_offset, - enum mail_index_sync_flags flags) +static int +mail_index_sync_begin_to2(struct mail_index *index, + struct mail_index_sync_ctx **ctx_r, + struct mail_index_view **view_r, + struct mail_index_transaction **trans_r, + uint32_t log_file_seq, uoff_t log_file_offset, + enum mail_index_sync_flags flags, bool *retry_r) { const struct mail_index_header *hdr; struct mail_index_sync_ctx *ctx; @@ -436,6 +437,8 @@ i_assert(!index->syncing); + *retry_r = FALSE; + if (index->map != NULL && (index->map->hdr.flags & MAIL_INDEX_HDR_FLAG_CORRUPTED) != 0) { /* index is corrupted and need to be reopened */ @@ -481,9 +484,8 @@ to skip over it. fix the problem with fsck and try again. */ mail_index_fsck_locked(index); mail_index_sync_rollback(&ctx); - return mail_index_sync_begin_to(index, ctx_r, view_r, trans_r, - log_file_seq, log_file_offset, - flags); + *retry_r = TRUE; + return 0; } /* we need to have all the transactions sorted to optimize @@ -513,6 +515,27 @@ return 1; } +int mail_index_sync_begin_to(struct mail_index *index, + struct mail_index_sync_ctx **ctx_r, + struct mail_index_view **view_r, + struct mail_index_transaction **trans_r, + uint32_t log_file_seq, uoff_t log_file_offset, + enum mail_index_sync_flags flags) +{ + bool retry; + int ret; + + ret = mail_index_sync_begin_to2(index, ctx_r, view_r, trans_r, + log_file_seq, log_file_offset, + flags, &retry); + if (retry) { + ret = mail_index_sync_begin_to2(index, ctx_r, view_r, trans_r, + log_file_seq, log_file_offset, + flags, &retry); + } + return ret; +} + bool mail_index_sync_has_expunges(struct mail_index_sync_ctx *ctx) { return array_is_created(&ctx->sync_trans->expunges) && From dovecot at dovecot.org Wed Nov 23 19:11:19 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 23 Nov 2011 19:11:19 +0200 Subject: dovecot-2.1: Compile fix for some compilers. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/4f1d20b57c04 changeset: 13753:4f1d20b57c04 user: Timo Sirainen date: Wed Nov 23 19:11:13 2011 +0200 description: Compile fix for some compilers. diffstat: src/anvil/anvil-connection.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diffs (13 lines): diff -r b9c4a7e4a27f -r 4f1d20b57c04 src/anvil/anvil-connection.c --- a/src/anvil/anvil-connection.c Wed Nov 23 19:10:34 2011 +0200 +++ b/src/anvil/anvil-connection.c Wed Nov 23 19:11:13 2011 +0200 @@ -153,7 +153,8 @@ if (anvil_restarted && (conn->master || conn->fifo)) { /* old pending data. ignore input until we get the handshake. */ - return anvil_connection_input(context); + anvil_connection_input(context); + return; } i_error("Anvil client not compatible with this server " "(mixed old and new binaries?) %s", line); From dovecot at dovecot.org Wed Nov 23 19:19:28 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 23 Nov 2011 19:19:28 +0200 Subject: dovecot-2.1: lib-storage: Track storage's all mailboxes to make ... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/deaebb4dc98c changeset: 13754:deaebb4dc98c user: Timo Sirainen date: Wed Nov 23 19:19:19 2011 +0200 description: lib-storage: Track storage's all mailboxes to make it easier to debug if one isn't closed. diffstat: src/lib-storage/mail-storage-private.h | 4 ++++ src/lib-storage/mail-storage.c | 7 +++++++ 2 files changed, 11 insertions(+), 0 deletions(-) diffs (52 lines): diff -r 4f1d20b57c04 -r deaebb4dc98c src/lib-storage/mail-storage-private.h --- a/src/lib-storage/mail-storage-private.h Wed Nov 23 19:11:13 2011 +0200 +++ b/src/lib-storage/mail-storage-private.h Wed Nov 23 19:19:19 2011 +0200 @@ -78,6 +78,8 @@ /* counting number of objects (e.g. mailbox) that have a pointer to this storage. */ int obj_refcount; + /* Linked list of all mailboxes in the storage */ + struct mailbox *mailboxes; const char *unique_root_dir; char *error_string; @@ -210,6 +212,8 @@ struct mailbox_vfuncs v, *vlast; /* private: */ pool_t pool; + /* Linked list of all mailboxes in this storage */ + struct mailbox *prev, *next; /* these won't be set until mailbox is opened: */ struct mail_index *index; diff -r 4f1d20b57c04 -r deaebb4dc98c src/lib-storage/mail-storage.c --- a/src/lib-storage/mail-storage.c Wed Nov 23 19:11:13 2011 +0200 +++ b/src/lib-storage/mail-storage.c Wed Nov 23 19:19:19 2011 +0200 @@ -412,6 +412,10 @@ return; } + if (storage->mailboxes != NULL) { + i_panic("Trying to deinit storage without freeing mailbox %s", + storage->mailboxes->vname); + } if (storage->obj_refcount != 0) i_panic("Trying to deinit storage before freeing its objects"); @@ -627,6 +631,7 @@ hook_mailbox_allocated(box); } T_END; + DLLIST_PREPEND(&box->storage->mailboxes, box); mail_storage_obj_ref(box->storage); return box; } @@ -893,6 +898,8 @@ mailbox_close(box); box->v.free(box); + + DLLIST_REMOVE(&box->storage->mailboxes, box); mail_storage_obj_unref(box->storage); pool_unref(&box->pool); } From dovecot at dovecot.org Wed Nov 23 19:51:19 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 23 Nov 2011 19:51:19 +0200 Subject: dovecot-2.1: master: Log a warning at startup if fd limit is too... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/540d9d296dc9 changeset: 13756:540d9d296dc9 user: Timo Sirainen date: Wed Nov 23 19:51:06 2011 +0200 description: master: Log a warning at startup if fd limit is too low. diffstat: src/master/master-settings.c | 20 ++++++++++++++++++++ 1 files changed, 20 insertions(+), 0 deletions(-) diffs (65 lines): diff -r 0644361ca409 -r 540d9d296dc9 src/master/master-settings.c --- a/src/master/master-settings.c Wed Nov 23 19:51:01 2011 +0200 +++ b/src/master/master-settings.c Wed Nov 23 19:51:06 2011 +0200 @@ -9,6 +9,7 @@ #include "ipwd.h" #include "mkdir-parents.h" #include "safe-mkdir.h" +#include "restrict-process-size.h" #include "settings-parser.h" #include "master-settings.h" @@ -403,6 +404,8 @@ static int warned_auth = FALSE, warned_anvil = FALSE; #ifdef CONFIG_BINARY const struct service_settings *default_service; +#else + rlim_t fd_limit; #endif struct master_settings *set = _set; struct service_settings *const *services; @@ -411,6 +414,8 @@ struct passwd pw; unsigned int i, j, count, len, client_limit, process_limit; unsigned int max_auth_client_processes, max_anvil_client_processes; + const char *max_client_limit_source = "default_client_count"; + unsigned int max_client_limit; len = strlen(set->base_dir); if (len > 0 && set->base_dir[len-1] == '/') { @@ -484,6 +489,7 @@ } } t_array_init(&all_listeners, 64); + max_client_limit = set->default_client_limit; max_auth_client_processes = 0; max_anvil_client_processes = 2; /* blocking, nonblocking pipes */ for (i = 0; i < count; i++) { @@ -525,6 +531,11 @@ "vsz_limit is too low", service->name); return FALSE; } + if (max_client_limit < service->client_limit) { + max_client_limit = service->client_limit; + max_client_limit_source = t_strdup_printf( + "service %s { client_limit }", service->name); + } #ifdef CONFIG_BINARY default_service = @@ -570,6 +581,15 @@ "required under max. load (%u)", client_limit, max_anvil_client_processes); } +#ifndef CONFIG_BINARY + if (restrict_get_fd_limit(&fd_limit) == 0 && + fd_limit < (rlim_t)max_client_limit) { + i_warning("fd limit (ulimit -n) is lower than required " + "under max. load (%u < %u), because of %s", + (unsigned int)fd_limit, max_client_limit, + max_client_limit_source); + } +#endif /* check for duplicate listeners */ array_sort(&all_listeners, i_strcmp_p); From dovecot at dovecot.org Wed Nov 23 19:51:19 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 23 Nov 2011 19:51:19 +0200 Subject: dovecot-2.1: Added restrict_get_fd_limit() Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/0644361ca409 changeset: 13755:0644361ca409 user: Timo Sirainen date: Wed Nov 23 19:51:01 2011 +0200 description: Added restrict_get_fd_limit() diffstat: src/lib/restrict-process-size.c | 12 ++++++++++++ src/lib/restrict-process-size.h | 2 ++ 2 files changed, 14 insertions(+), 0 deletions(-) diffs (30 lines): diff -r deaebb4dc98c -r 0644361ca409 src/lib/restrict-process-size.c --- a/src/lib/restrict-process-size.c Wed Nov 23 19:19:19 2011 +0200 +++ b/src/lib/restrict-process-size.c Wed Nov 23 19:51:01 2011 +0200 @@ -80,3 +80,15 @@ return -1; #endif } + +int restrict_get_fd_limit(rlim_t *limit_r) +{ + struct rlimit rlim; + + if (getrlimit(RLIMIT_NOFILE, &rlim) < 0) { + i_error("getrlimit(RLIMIT_NOFILE) failed: %m"); + return -1; + } + *limit_r = rlim.rlim_cur; + return 0; +} diff -r deaebb4dc98c -r 0644361ca409 src/lib/restrict-process-size.h --- a/src/lib/restrict-process-size.h Wed Nov 23 19:19:19 2011 +0200 +++ b/src/lib/restrict-process-size.h Wed Nov 23 19:51:01 2011 +0200 @@ -17,5 +17,7 @@ int restrict_get_core_limit(rlim_t *limit_r); /* Get the process count limit. Returns 0 if ok, -1 if lookup failed. */ int restrict_get_process_limit(rlim_t *limit_r); +/* Get the fd limit. Returns 0 if ok, -1 if lookup failed. */ +int restrict_get_fd_limit(rlim_t *limit_r); #endif From dovecot at dovecot.org Wed Nov 23 20:31:56 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 23 Nov 2011 20:31:56 +0200 Subject: dovecot-2.1: lib-auth: Log a warning about auth disconnection on... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/49044b7cfa3d changeset: 13757:49044b7cfa3d user: Timo Sirainen date: Wed Nov 23 20:31:40 2011 +0200 description: lib-auth: Log a warning about auth disconnection only if there are pending requests. diffstat: src/lib-auth/auth-server-connection.c | 8 +++++++- 1 files changed, 7 insertions(+), 1 deletions(-) diffs (33 lines): diff -r 540d9d296dc9 -r 49044b7cfa3d src/lib-auth/auth-server-connection.c --- a/src/lib-auth/auth-server-connection.c Wed Nov 23 19:51:06 2011 +0200 +++ b/src/lib-auth/auth-server-connection.c Wed Nov 23 20:31:40 2011 +0200 @@ -243,7 +243,6 @@ return; case -1: /* disconnected */ - i_error("Authentication server disconnected, reconnecting"); auth_server_connection_reconnect(conn); return; case -2: @@ -309,7 +308,13 @@ static const char *const temp_failure_args[] = { "temp", NULL }; struct hash_iterate_context *iter; void *key, *value; + unsigned int request_count = hash_table_count(conn->requests); + if (request_count == 0) + return; + + i_warning("Auth connection closed with %u pending requests", + request_count); iter = hash_table_iterate_init(conn->requests); while (hash_table_iterate(iter, &key, &value)) { struct auth_client_request *request = value; @@ -378,6 +383,7 @@ *_conn = NULL; auth_server_connection_disconnect(conn); + i_assert(hash_table_count(conn->requests) == 0); hash_table_destroy(&conn->requests); array_free(&conn->available_auth_mechs); pool_unref(&conn->pool); From dovecot at dovecot.org Wed Nov 23 22:08:21 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 23 Nov 2011 22:08:21 +0200 Subject: dovecot-2.1: Compiler warning fix Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/b8e1c9685c69 changeset: 13758:b8e1c9685c69 user: Timo Sirainen date: Wed Nov 23 21:14:11 2011 +0200 description: Compiler warning fix diffstat: src/master/master-settings.c | 24 ++++++++++++------------ 1 files changed, 12 insertions(+), 12 deletions(-) diffs (63 lines): diff -r 49044b7cfa3d -r b8e1c9685c69 src/master/master-settings.c --- a/src/master/master-settings.c Wed Nov 23 20:31:40 2011 +0200 +++ b/src/master/master-settings.c Wed Nov 23 21:14:11 2011 +0200 @@ -402,11 +402,6 @@ master_settings_verify(void *_set, pool_t pool, const char **error_r) { static int warned_auth = FALSE, warned_anvil = FALSE; -#ifdef CONFIG_BINARY - const struct service_settings *default_service; -#else - rlim_t fd_limit; -#endif struct master_settings *set = _set; struct service_settings *const *services; const char *const *strings; @@ -414,8 +409,13 @@ struct passwd pw; unsigned int i, j, count, len, client_limit, process_limit; unsigned int max_auth_client_processes, max_anvil_client_processes; +#ifdef CONFIG_BINARY + const struct service_settings *default_service; +#else + rlim_t fd_limit; const char *max_client_limit_source = "default_client_count"; - unsigned int max_client_limit; + unsigned int max_client_limit = set->default_client_limit; +#endif len = strlen(set->base_dir); if (len > 0 && set->base_dir[len-1] == '/') { @@ -489,7 +489,6 @@ } } t_array_init(&all_listeners, 64); - max_client_limit = set->default_client_limit; max_auth_client_processes = 0; max_anvil_client_processes = 2; /* blocking, nonblocking pipes */ for (i = 0; i < count; i++) { @@ -531,11 +530,6 @@ "vsz_limit is too low", service->name); return FALSE; } - if (max_client_limit < service->client_limit) { - max_client_limit = service->client_limit; - max_client_limit_source = t_strdup_printf( - "service %s { client_limit }", service->name); - } #ifdef CONFIG_BINARY default_service = @@ -546,6 +540,12 @@ "process_limit must be 1", service->name); return FALSE; } +#else + if (max_client_limit < service->client_limit) { + max_client_limit = service->client_limit; + max_client_limit_source = t_strdup_printf( + "service %s { client_limit }", service->name); + } #endif if (*service->protocol != '\0' && From dovecot at dovecot.org Wed Nov 23 22:08:21 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 23 Nov 2011 22:08:21 +0200 Subject: dovecot-2.1: auth: Don't leak memory in deinit. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/35764175dc92 changeset: 13759:35764175dc92 user: Timo Sirainen date: Wed Nov 23 21:40:04 2011 +0200 description: auth: Don't leak memory in deinit. diffstat: src/auth/main.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (11 lines): diff -r b8e1c9685c69 -r 35764175dc92 src/auth/main.c --- a/src/auth/main.c Wed Nov 23 21:14:11 2011 +0200 +++ b/src/auth/main.c Wed Nov 23 21:40:04 2011 +0200 @@ -281,6 +281,7 @@ password_schemes_deinit(); sql_drivers_deinit(); random_deinit(); + child_wait_deinit(); array_foreach_modifiable(&listeners, l) i_free(l->path); From dovecot at dovecot.org Wed Nov 23 22:08:21 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 23 Nov 2011 22:08:21 +0200 Subject: dovecot-2.1: auth: Support passing regular %variables to sql/lda... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/acfe332f9aeb changeset: 13760:acfe332f9aeb user: Timo Sirainen date: Wed Nov 23 22:07:08 2011 +0200 description: auth: Support passing regular %variables to sql/ldap iterate queries. diffstat: src/auth/auth-master-connection.c | 68 +++++++++++++++++++++++++++++--------- src/auth/auth-settings.c | 6 ++- src/auth/auth-worker-client.c | 40 ++++++++++++++-------- src/auth/userdb-blocking.c | 23 +++++------- src/auth/userdb-blocking.h | 2 +- src/auth/userdb-ldap.c | 28 ++++++++------- src/auth/userdb-passwd-file.c | 7 ++- src/auth/userdb-passwd.c | 13 +++---- src/auth/userdb-sql.c | 20 ++++++----- src/auth/userdb.h | 4 +- 10 files changed, 130 insertions(+), 81 deletions(-) diffs (truncated from 557 to 300 lines): diff -r 35764175dc92 -r acfe332f9aeb src/auth/auth-master-connection.c --- a/src/auth/auth-master-connection.c Wed Nov 23 21:40:04 2011 +0200 +++ b/src/auth/auth-master-connection.c Wed Nov 23 22:07:08 2011 +0200 @@ -29,15 +29,13 @@ struct master_userdb_request { struct auth_master_connection *conn; - unsigned int id; struct auth_request *auth_request; }; struct master_list_iter_ctx { struct auth_master_connection *conn; - struct auth_userdb *userdb; struct userdb_iterate_context *iter; - unsigned int id; + struct auth_request *auth_request; bool failed; }; @@ -383,6 +381,8 @@ if (ctx->iter != NULL) (void)userdb_blocking_iter_deinit(&ctx->iter); o_stream_unset_flush_callback(ctx->conn->output); + auth_request_unref(&ctx->auth_request); + auth_master_connection_unref(&ctx->conn); i_free(ctx); } @@ -402,6 +402,7 @@ static void master_input_list_callback(const char *user, void *context) { struct master_list_iter_ctx *ctx = context; + struct auth_userdb *userdb = ctx->auth_request->userdb; int ret; if (user == NULL) { @@ -409,14 +410,15 @@ ctx->failed = TRUE; do { - ctx->userdb = ctx->userdb->next; - } while (ctx->userdb != NULL && - ctx->userdb->userdb->iface->iterate_init == NULL); - if (ctx->userdb == NULL) { + userdb = userdb->next; + } while (userdb != NULL && + userdb->userdb->iface->iterate_init == NULL); + if (userdb == NULL) { /* iteration is finished */ const char *str; - str = t_strdup_printf("DONE\t%u\t%s\n", ctx->id, + str = t_strdup_printf("DONE\t%u\t%s\n", + ctx->auth_request->id, ctx->failed ? "fail" : ""); (void)o_stream_send_str(ctx->conn->output, str); master_input_list_finish(ctx); @@ -424,7 +426,8 @@ } /* continue iterating next userdb */ - ctx->iter = userdb_blocking_iter_init(ctx->userdb->userdb, + ctx->auth_request->userdb = userdb; + ctx->iter = userdb_blocking_iter_init(ctx->auth_request, master_input_list_callback, ctx); userdb_blocking_iter_next(ctx->iter); return; @@ -433,7 +436,7 @@ T_BEGIN { const char *str; - str = t_strdup_printf("LIST\t%u\t%s\n", ctx->id, + str = t_strdup_printf("LIST\t%u\t%s\n", ctx->auth_request->id, str_tabescape(user)); ret = o_stream_send_str(ctx->conn->output, str); } T_END; @@ -450,15 +453,18 @@ master_input_list(struct auth_master_connection *conn, const char *args) { struct auth_userdb *userdb = conn->auth->userdbs; + struct auth_request *auth_request; struct master_list_iter_ctx *ctx; - const char *str; + const char *str, *name, *arg, *const *list; unsigned int id; - /* */ - if (str_to_uint(args, &id) < 0) { + /* [] */ + list = t_strsplit(args, "\t"); + if (list[0] == NULL || str_to_uint(list[0], &id) < 0) { i_error("BUG: Master sent broken LIST"); - return FALSE; + return -1; } + list++; if (conn->userdb_restricted_uid != 0) { i_error("Auth client doesn't have permissions to list users: %s", @@ -477,14 +483,42 @@ return TRUE; } + auth_request = auth_request_new_dummy(); + auth_request->id = id; + auth_request->master = conn; + auth_master_connection_ref(conn); + + for (; *list != NULL; list++) { + arg = strchr(*list, '='); + if (arg == NULL) { + name = *list; + arg = ""; + } else { + name = t_strdup_until(*list, arg); + arg++; + } + + if (!auth_request_import_info(auth_request, name, arg) && + strcmp(name, "user") == 0) { + /* username mask */ + auth_request->user = p_strdup(auth_request->pool, arg); + } + } + + /* rest of the code doesn't like NULL user or service */ + if (auth_request->user == NULL) + auth_request->user = ""; + if (auth_request->service == NULL) + auth_request->service = ""; + ctx = i_new(struct master_list_iter_ctx, 1); ctx->conn = conn; - ctx->userdb = userdb; - ctx->id = id; + ctx->auth_request = auth_request; + ctx->auth_request->userdb = userdb; io_remove(&conn->io); o_stream_set_flush_callback(conn->output, master_output_list, ctx); - ctx->iter = userdb_blocking_iter_init(ctx->userdb->userdb, + ctx->iter = userdb_blocking_iter_init(auth_request, master_input_list_callback, ctx); return TRUE; } diff -r 35764175dc92 -r acfe332f9aeb src/auth/auth-settings.c --- a/src/auth/auth-settings.c Wed Nov 23 21:40:04 2011 +0200 +++ b/src/auth/auth-settings.c Wed Nov 23 22:07:08 2011 +0200 @@ -349,6 +349,7 @@ }; struct master_service_settings_input input; struct setting_parser_context *set_parser; + struct auth_settings *set; const char *error; memset(&input, 0, sizeof(input)); @@ -359,9 +360,12 @@ output_r, &error) < 0) i_fatal("Error reading configuration: %s", error); + pool_ref(pool); set_parser = settings_parser_dup(master_service->set_parser, pool); if (!settings_parser_check(set_parser, pool, &error)) i_unreached(); - return settings_parser_get_list(set_parser)[1]; + set = settings_parser_get_list(set_parser)[1]; + settings_parser_deinit(&set_parser); + return set; } diff -r 35764175dc92 -r acfe332f9aeb src/auth/auth-worker-client.c --- a/src/auth/auth-worker-client.c Wed Nov 23 21:40:04 2011 +0200 +++ b/src/auth/auth-worker-client.c Wed Nov 23 22:07:08 2011 +0200 @@ -31,9 +31,8 @@ struct auth_worker_list_context { struct auth_worker_client *client; - struct userdb_module *userdb; + struct auth_request *auth_request; struct userdb_iterate_context *iter; - unsigned int id; bool sending, sent, done; }; @@ -415,14 +414,16 @@ i_assert(client->io == NULL); str = t_str_new(32); - if (ctx->userdb->iface->iterate_deinit(ctx->iter) < 0) - str_printfa(str, "%u\tFAIL\n", ctx->id); + if (ctx->auth_request->userdb->userdb->iface-> + iterate_deinit(ctx->iter) < 0) + str_printfa(str, "%u\tFAIL\n", ctx->auth_request->id); else - str_printfa(str, "%u\tOK\n", ctx->id); + str_printfa(str, "%u\tOK\n", ctx->auth_request->id); auth_worker_send_reply(client, str); client->io = io_add(client->fd, IO_READ, auth_worker_input, client); o_stream_set_flush_callback(client->output, auth_worker_output, client); + auth_request_unref(&ctx->auth_request); auth_worker_client_unref(&client); i_free(ctx); } @@ -442,7 +443,7 @@ T_BEGIN { str = t_str_new(128); - str_printfa(str, "%u\t*\t%s\n", ctx->id, user); + str_printfa(str, "%u\t*\t%s\n", ctx->auth_request->id, user); o_stream_send(ctx->client->output, str_data(str), str_len(str)); } T_END; @@ -455,7 +456,8 @@ do { ctx->sending = TRUE; ctx->sent = FALSE; - ctx->userdb->iface->iterate_next(ctx->iter); + ctx->auth_request->userdb->userdb->iface-> + iterate_next(ctx->iter); } while (ctx->sent && o_stream_get_buffer_used_size(ctx->client->output) == 0); ctx->sending = FALSE; @@ -471,8 +473,10 @@ list_iter_deinit(ctx); return 1; } - if (ret > 0) - ctx->userdb->iface->iterate_next(ctx->iter); + if (ret > 0) { + ctx->auth_request->userdb->userdb->iface-> + iterate_next(ctx->iter); + } return 1; } @@ -497,16 +501,22 @@ ctx = i_new(struct auth_worker_list_context, 1); ctx->client = client; - ctx->id = id; - ctx->userdb = userdb->userdb; + ctx->auth_request = worker_auth_request_new(client, id, args + 1); + ctx->auth_request->userdb = userdb; + if (ctx->auth_request->user == NULL || + ctx->auth_request->service == NULL) { + i_error("BUG: LIST had missing parameters"); + auth_request_unref(&ctx->auth_request); + i_free(ctx); + return FALSE; + } io_remove(&ctx->client->io); o_stream_set_flush_callback(ctx->client->output, auth_worker_list_output, ctx); - client->refcount++; - ctx->iter = ctx->userdb->iface-> - iterate_init(userdb->userdb, list_iter_callback, ctx); - ctx->userdb->iface->iterate_next(ctx->iter); + ctx->iter = ctx->auth_request->userdb->userdb->iface-> + iterate_init(ctx->auth_request, list_iter_callback, ctx); + ctx->auth_request->userdb->userdb->iface->iterate_next(ctx->iter); return TRUE; } diff -r 35764175dc92 -r acfe332f9aeb src/auth/userdb-blocking.c --- a/src/auth/userdb-blocking.c Wed Nov 23 21:40:04 2011 +0200 +++ b/src/auth/userdb-blocking.c Wed Nov 23 22:07:08 2011 +0200 @@ -10,7 +10,6 @@ struct blocking_userdb_iterate_context { struct userdb_iterate_context ctx; - pool_t pool; struct auth_worker_connection *conn; bool next; bool destroyed; @@ -66,7 +65,6 @@ static bool iter_callback(const char *reply, void *context) { struct blocking_userdb_iterate_context *ctx = context; - pool_t pool = ctx->pool; if (strncmp(reply, "*\t", 2) == 0) { ctx->next = FALSE; @@ -78,31 +76,30 @@ ctx->ctx.failed = TRUE; if (!ctx->destroyed) ctx->ctx.callback(NULL, ctx->ctx.context); - pool_unref(&pool); + auth_request_unref(&ctx->ctx.auth_request); return TRUE; } struct userdb_iterate_context * -userdb_blocking_iter_init(struct userdb_module *userdb, +userdb_blocking_iter_init(struct auth_request *request, userdb_iter_callback_t *callback, void *context) { struct blocking_userdb_iterate_context *ctx; From dovecot at dovecot.org Wed Nov 23 22:08:22 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 23 Nov 2011 22:08:22 +0200 Subject: dovecot-2.1: lib-auth: auth_master_user_list_init() now takes us... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/59e25ebc976f changeset: 13761:59e25ebc976f user: Timo Sirainen date: Wed Nov 23 22:08:09 2011 +0200 description: lib-auth: auth_master_user_list_init() now takes user_mask and info parameters. These are passed to auth process, which may use them to limit what usernames are returned. diffstat: src/doveadm/doveadm-auth.c | 12 ++++++++---- src/doveadm/doveadm-director.c | 2 +- src/lib-auth/auth-master.c | 28 ++++++++++++++++++++-------- src/lib-auth/auth-master.h | 8 ++++++-- src/lib-storage/mail-storage-service.c | 2 +- 5 files changed, 36 insertions(+), 16 deletions(-) diffs (152 lines): diff -r acfe332f9aeb -r 59e25ebc976f src/doveadm/doveadm-auth.c --- a/src/doveadm/doveadm-auth.c Wed Nov 23 22:07:08 2011 +0200 +++ b/src/doveadm/doveadm-auth.c Wed Nov 23 22:08:09 2011 +0200 @@ -180,11 +180,12 @@ } static void -cmd_user_list(const char *auth_socket_path, char *const *users) +cmd_user_list(const char *auth_socket_path, const struct authtest_input *input, + char *const *users) { struct auth_master_user_list_ctx *ctx; struct auth_master_connection *conn; - const char *username; + const char *username, *user_mask = NULL; unsigned int i; if (auth_socket_path == NULL) { @@ -192,8 +193,11 @@ "/auth-userdb", NULL); } + if (users[0] != NULL && users[1] == NULL) + user_mask = users[0]; + conn = auth_master_init(auth_socket_path, 0); - ctx = auth_master_user_list_init(conn); + ctx = auth_master_user_list_init(conn, user_mask, &input->info); while ((username = auth_master_user_list_next(ctx)) != NULL) { for (i = 0; users[i] != NULL; i++) { if (wildcard_match_icase(username, users[i])) @@ -286,7 +290,7 @@ } if (have_wildcards) - cmd_user_list(auth_socket_path, argv + optind); + cmd_user_list(auth_socket_path, &input, argv + optind); else { bool first = TRUE; bool notfound = FALSE; diff -r acfe332f9aeb -r 59e25ebc976f src/doveadm/doveadm-director.c --- a/src/doveadm/doveadm-director.c Wed Nov 23 22:07:08 2011 +0200 +++ b/src/doveadm/doveadm-director.c Wed Nov 23 22:08:09 2011 +0200 @@ -211,7 +211,7 @@ } conn = auth_master_init(auth_socket_path, 0); - ctx = auth_master_user_list_init(conn); + ctx = auth_master_user_list_init(conn, NULL, NULL); while ((username = auth_master_user_list_next(ctx)) != NULL) user_list_add(username, pool, users); if (auth_master_user_list_deinit(&ctx) < 0) { diff -r acfe332f9aeb -r 59e25ebc976f src/lib-auth/auth-master.c --- a/src/lib-auth/auth-master.c Wed Nov 23 22:07:08 2011 +0200 +++ b/src/lib-auth/auth-master.c Wed Nov 23 22:08:09 2011 +0200 @@ -434,8 +434,10 @@ static void auth_user_info_export(string_t *str, const struct auth_user_info *info) { - str_append(str, "service="); - str_append(str, info->service); + if (info->service != NULL) { + str_append(str, "\tservice="); + str_append(str, info->service); + } if (info->local_ip.family != 0) str_printfa(str, "\tlip=%s", net_ip2addr(&info->local_ip)); @@ -473,7 +475,7 @@ conn->reply_context = &ctx; str = t_str_new(128); - str_printfa(str, "USER\t%u\t%s\t", + str_printfa(str, "USER\t%u\t%s", auth_master_next_request_id(conn), user); auth_user_info_export(str, info); str_append_c(str, '\n'); @@ -547,7 +549,7 @@ conn->reply_context = &ctx; str = t_str_new(128); - str_printfa(str, "PASS\t%u\t%s\t", + str_printfa(str, "PASS\t%u\t%s", auth_master_next_request_id(conn), user); auth_user_info_export(str, info); str_append_c(str, '\n'); @@ -591,10 +593,12 @@ } struct auth_master_user_list_ctx * -auth_master_user_list_init(struct auth_master_connection *conn) +auth_master_user_list_init(struct auth_master_connection *conn, + const char *user_mask, + const struct auth_user_info *info) { struct auth_master_user_list_ctx *ctx; - const char *str; + string_t *str; pool_t pool; pool = pool_alloconly_create("auth master user list", 10240); @@ -606,9 +610,17 @@ conn->reply_callback = auth_user_list_reply_callback; conn->reply_context = ctx; - str = t_strdup_printf("LIST\t%u\n", auth_master_next_request_id(conn)); + str = t_str_new(128); + str_printfa(str, "LIST\t%u", + auth_master_next_request_id(conn)); + if (user_mask != NULL && *user_mask != '\0') + str_printfa(str, "\tuser=%s", user_mask); + if (info != NULL) + auth_user_info_export(str, info); + str_append_c(str, '\n'); + conn->prefix = "userdb list"; - if (auth_master_run_cmd(conn, str) < 0) + if (auth_master_run_cmd(conn, str_c(str)) < 0) ctx->failed = TRUE; ctx->user_strings = array_get(&ctx->users, &ctx->user_count); conn->prefix = DEFAULT_USERDB_LOOKUP_PREFIX; diff -r acfe332f9aeb -r 59e25ebc976f src/lib-auth/auth-master.h --- a/src/lib-auth/auth-master.h Wed Nov 23 22:07:08 2011 +0200 +++ b/src/lib-auth/auth-master.h Wed Nov 23 22:08:09 2011 +0200 @@ -43,9 +43,13 @@ void auth_user_fields_parse(const char *const *fields, pool_t pool, struct auth_user_reply *reply_r); -/* Iterate through all users. */ +/* Iterate through all users. If user_mask is non-NULL, it contains a string + with wildcards ('*', '?') that the auth server MAY use to limit what users + are returned (but it may as well return all users anyway). */ struct auth_master_user_list_ctx * -auth_master_user_list_init(struct auth_master_connection *conn); +auth_master_user_list_init(struct auth_master_connection *conn, + const char *user_mask, + const struct auth_user_info *info); const char *auth_master_user_list_next(struct auth_master_user_list_ctx *ctx); unsigned int auth_master_user_list_count(struct auth_master_user_list_ctx *ctx); /* Returns -1 if anything failed, 0 if ok */ diff -r acfe332f9aeb -r 59e25ebc976f src/lib-storage/mail-storage-service.c --- a/src/lib-storage/mail-storage-service.c Wed Nov 23 22:07:08 2011 +0200 +++ b/src/lib-storage/mail-storage-service.c Wed Nov 23 22:08:09 2011 +0200 @@ -1119,7 +1119,7 @@ (void)auth_master_user_list_deinit(&ctx->auth_list); mail_storage_service_init_settings(ctx, NULL); - ctx->auth_list = auth_master_user_list_init(ctx->conn); + ctx->auth_list = auth_master_user_list_init(ctx->conn, NULL, NULL); return auth_master_user_list_count(ctx->auth_list); } From dovecot at dovecot.org Wed Nov 23 22:56:40 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 23 Nov 2011 22:56:40 +0200 Subject: dovecot-2.1: lib: Add hmac-sha1 adapted from hmac-md5 Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/4d56549a5505 changeset: 13762:4d56549a5505 user: Florian Zeitz date: Fri Sep 16 02:22:49 2011 +0200 description: lib: Add hmac-sha1 adapted from hmac-md5 diffstat: src/lib/Makefile.am | 1 + src/lib/hmac-sha1.c | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++ src/lib/hmac-sha1.h | 22 ++++++++++++++++++++++ 3 files changed, 75 insertions(+), 0 deletions(-) diffs (93 lines): diff -r 59e25ebc976f -r 4d56549a5505 src/lib/Makefile.am --- a/src/lib/Makefile.am Wed Nov 23 22:08:09 2011 +0200 +++ b/src/lib/Makefile.am Fri Sep 16 02:22:49 2011 +0200 @@ -43,6 +43,7 @@ hex-binary.c \ hex-dec.c \ hmac-md5.c \ + hmac-sha1.c \ home-expand.c \ hostpid.c \ imem.c \ diff -r 59e25ebc976f -r 4d56549a5505 src/lib/hmac-sha1.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/lib/hmac-sha1.c Fri Sep 16 02:22:49 2011 +0200 @@ -0,0 +1,52 @@ +/* + * HMAC-SHA1 (RFC-2104) implementation. + * + * Copyright (c) 2004 Andrey Panin + * Copyright (c) 2011 Florian Zeitz + * + * This software is released under the MIT license. + */ + +#include "lib.h" +#include "hmac-sha1.h" +#include "safe-memset.h" + +void hmac_sha1_init(struct hmac_sha1_context *ctx, + const unsigned char *key, size_t key_len) +{ + int i; + unsigned char sha1key[20]; + unsigned char k_ipad[64]; + unsigned char k_opad[64]; + + if (key_len > 64) { + sha1_get_digest(key, key_len, sha1key); + key = sha1key; + key_len = 20; + } + + memcpy(k_ipad, key, key_len); + memset(k_ipad + key_len, 0, 64 - key_len); + memcpy(k_opad, k_ipad, 64); + + for (i = 0; i < 64; i++) { + k_ipad[i] ^= 0x36; + k_opad[i] ^= 0x5c; + } + + sha1_init(&ctx->ctx); + sha1_loop(&ctx->ctx, k_ipad, 64); + sha1_init(&ctx->ctxo); + sha1_loop(&ctx->ctxo, k_opad, 64); + + safe_memset(k_ipad, 0, 64); + safe_memset(k_opad, 0, 64); +} + +void hmac_sha1_final(struct hmac_sha1_context *ctx, unsigned char *digest) +{ + sha1_result(&ctx->ctx, digest); + + sha1_loop(&ctx->ctxo, digest, 20); + sha1_result(&ctx->ctxo, digest); +} diff -r 59e25ebc976f -r 4d56549a5505 src/lib/hmac-sha1.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/lib/hmac-sha1.h Fri Sep 16 02:22:49 2011 +0200 @@ -0,0 +1,22 @@ +#ifndef HMAC_SHA1_H +#define HMAC_SHA1_H + +#include "sha1.h" + +struct hmac_sha1_context { + struct sha1_ctxt ctx, ctxo; +}; + +void hmac_sha1_init(struct hmac_sha1_context *ctx, + const unsigned char *key, size_t key_len); +void hmac_sha1_final(struct hmac_sha1_context *ctx, + unsigned char digest[SHA1_RESULTLEN]); + + +static inline void +hmac_sha1_update(struct hmac_sha1_context *ctx, const void *data, size_t size) +{ + sha1_loop(&ctx->ctx, data, size); +} + +#endif From dovecot at dovecot.org Wed Nov 23 22:56:40 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 23 Nov 2011 22:56:40 +0200 Subject: dovecot-2.1: auth: Implement the SCRAM-SHA-1 SASL mechanism Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/c69790ad93c1 changeset: 13763:c69790ad93c1 user: Florian Zeitz date: Fri Sep 16 02:24:00 2011 +0200 description: auth: Implement the SCRAM-SHA-1 SASL mechanism diffstat: src/auth/Makefile.am | 1 + src/auth/mech-scram-sha1.c | 405 +++++++++++++++++++++++++++++++++++++++++++++ src/auth/mech.c | 2 + 3 files changed, 408 insertions(+), 0 deletions(-) diffs (truncated from 439 to 300 lines): diff -r 4d56549a5505 -r c69790ad93c1 src/auth/Makefile.am --- a/src/auth/Makefile.am Fri Sep 16 02:22:49 2011 +0200 +++ b/src/auth/Makefile.am Fri Sep 16 02:24:00 2011 +0200 @@ -83,6 +83,7 @@ mech-gssapi.c \ mech-ntlm.c \ mech-otp.c \ + mech-scram-sha1.c \ mech-skey.c \ mech-rpa.c \ mech-apop.c \ diff -r 4d56549a5505 -r c69790ad93c1 src/auth/mech-scram-sha1.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/auth/mech-scram-sha1.c Fri Sep 16 02:24:00 2011 +0200 @@ -0,0 +1,405 @@ +/* + * SCRAM-SHA-1 SASL authentication, see RFC-5802 + * + * Copyright (c) 2011 Florian Zeitz + * + * This software is released under the MIT license. + */ + +#include "auth-common.h" +#include "base64.h" +#include "buffer.h" +#include "hmac-sha1.h" +#include "randgen.h" +#include "safe-memset.h" +#include "str.h" +#include "strfuncs.h" +#include "mech.h" + +struct scram_auth_request { + struct auth_request auth_request; + + pool_t pool; + unsigned int authenticated:1; + + /* sent: */ + char *server_first_message; + unsigned char salt[16]; + unsigned char salted_password[SHA1_RESULTLEN]; + + /* received: */ + char *gs2_cbind_flag; + char *cnonce; + char *snonce; + char *client_first_message_bare; + char *client_final_message_without_proof; + buffer_t *proof; +}; + +static void Hi(const unsigned char *str, size_t str_size, + const unsigned char *salt, size_t salt_size, unsigned int i, + unsigned char result[SHA1_RESULTLEN]) +{ + struct hmac_sha1_context ctx; + unsigned char U[SHA1_RESULTLEN]; + size_t j, k; + + /* Calculate U1 */ + hmac_sha1_init(&ctx, str, str_size); + hmac_sha1_update(&ctx, salt, salt_size); + hmac_sha1_update(&ctx, "\0\0\0\1", 4); + hmac_sha1_final(&ctx, U); + + memcpy(result, U, SHA1_RESULTLEN); + + /* Calculate U2 to Ui and Hi*/ + for (j = 2; j <= i; j++) { + hmac_sha1_init(&ctx, str, str_size); + hmac_sha1_update(&ctx, U, sizeof(U)); + hmac_sha1_final(&ctx, U); + for (k = 0; k < SHA1_RESULTLEN; k++) + result[k] ^= U[k]; + } +} + +static const char *get_scram_server_first(struct scram_auth_request *request) +{ + unsigned char snonce[65]; + string_t *str; + size_t i; + + random_fill(snonce, sizeof(snonce)-1); + + /* make sure snonce is printable and does not contain ',' */ + for (i = 0; i < sizeof(snonce)-1; i++) { + snonce[i] = (snonce[i] % ('~' - '!')) + '!'; + if (snonce[i] == ',') + snonce[i] = '~'; + } + snonce[sizeof(snonce)-1] = '\0'; + + request->snonce = p_strndup(request->pool, snonce, sizeof(snonce)); + + random_fill(request->salt, sizeof(request->salt)); + + str = t_str_new(MAX_BASE64_ENCODED_SIZE(sizeof(request->salt))); + base64_encode(request->salt, sizeof(request->salt), str); + + return t_strdup_printf("r=%s%s,s=%s,i=%i", request->cnonce, + request->snonce, str_c(str), 4096); +} + +static const char *get_scram_server_final(struct scram_auth_request *request) +{ + struct hmac_sha1_context ctx; + const char *auth_message; + unsigned char server_key[SHA1_RESULTLEN]; + unsigned char server_signature[SHA1_RESULTLEN]; + string_t *str; + + auth_message = t_strconcat(request->client_first_message_bare, ",", + request->server_first_message, ",", + request->client_final_message_without_proof, NULL); + + hmac_sha1_init(&ctx, request->salted_password, + sizeof(request->salted_password)); + hmac_sha1_update(&ctx, "Server Key", 10); + hmac_sha1_final(&ctx, server_key); + + safe_memset(request->salted_password, 0, + sizeof(request->salted_password)); + + hmac_sha1_init(&ctx, server_key, sizeof(server_key)); + hmac_sha1_update(&ctx, auth_message, strlen(auth_message)); + hmac_sha1_final(&ctx, server_signature); + + str = t_str_new(MAX_BASE64_ENCODED_SIZE(sizeof(server_signature))); + base64_encode(server_signature, sizeof(server_signature), str); + + return t_strdup_printf("v=%s", str_c(str)); +} + +static bool parse_scram_client_first(struct scram_auth_request *request, + const unsigned char *data, size_t size, + const char **error) +{ + const char *const *fields; + const char *p; + string_t *username; + + fields = t_strsplit(t_strndup(data, size), ","); + + if (str_array_length(fields) < 4) { + *error = "Invalid initial client message"; + return FALSE; + } + + switch (fields[0][0]) { + case 'p': + *error = "Channel binding not supported"; + return FALSE; + case 'y': + case 'n': + request->gs2_cbind_flag = p_strdup(request->pool, fields[0]); + break; + default: + *error = "Invalid GS2 header"; + return FALSE; + } + + if (fields[1][0] != '\0') { + *error = "authzid not supported"; + return FALSE; + } + + if (fields[2][0] == 'm') { + *error = "Mandatory extension(s) not supported"; + return FALSE; + } + + if (fields[2][0] == 'n') { + /* Unescape username */ + username = t_str_new(0); + + for (p = fields[2] + 2; *p != '\0'; p++) { + if (p[0] == '=') { + if (p[1] == '2' && p[2] == 'C') { + str_append_c(username, ','); + } else if (p[1] == '3' && p[2] == 'D') { + str_append_c(username, '='); + } else { + *error = "Username contains " + "forbidden character(s)"; + return FALSE; + } + p += 2; + } else if (p[0] == ',') { + *error = "Username contains " + "forbidden character(s)"; + return FALSE; + } else { + str_append_c(username, *p); + } + } + if (!auth_request_set_username(&request->auth_request, + str_c(username), error)) + return FALSE; + } else { + *error = "Invalid username"; + return FALSE; + } + + if (fields[3][0] == 'r') + request->cnonce = p_strdup(request->pool, fields[3]+2); + else { + *error = "Invalid client nonce"; + return FALSE; + } + + /* This works only without channel binding support, + otherwise the GS2 header doesn't have a fixed length */ + request->client_first_message_bare = + p_strndup(request->pool, data + 3, size - 3); + + return TRUE; +} + +static bool verify_credentials(struct scram_auth_request *request, + const unsigned char *credentials, size_t size) +{ + struct hmac_sha1_context ctx; + const char *auth_message; + unsigned char client_key[SHA1_RESULTLEN]; + unsigned char client_signature[SHA1_RESULTLEN]; + unsigned char stored_key[SHA1_RESULTLEN]; + size_t i; + + /* FIXME: credentials should be SASLprepped UTF8 data here */ + Hi(credentials, size, request->salt, sizeof(request->salt), 4096, + request->salted_password); + + hmac_sha1_init(&ctx, request->salted_password, + sizeof(request->salted_password)); + hmac_sha1_update(&ctx, "Client Key", 10); + hmac_sha1_final(&ctx, client_key); + + sha1_get_digest(client_key, sizeof(client_key), stored_key); + + auth_message = t_strconcat(request->client_first_message_bare, ",", + request->server_first_message, ",", + request->client_final_message_without_proof, NULL); + + hmac_sha1_init(&ctx, stored_key, sizeof(stored_key)); + hmac_sha1_update(&ctx, auth_message, strlen(auth_message)); + hmac_sha1_final(&ctx, client_signature); + + for (i = 0; i < sizeof(client_signature); i++) + client_signature[i] ^= client_key[i]; + + safe_memset(client_key, 0, sizeof(client_key)); + safe_memset(stored_key, 0, sizeof(stored_key)); + + if (!memcmp(client_signature, request->proof->data, + request->proof->used)) + return TRUE; + + return FALSE; +} + +static void credentials_callback(enum passdb_result result, + const unsigned char *credentials, size_t size, + struct auth_request *auth_request) +{ + struct scram_auth_request *request = + (struct scram_auth_request *)auth_request; + const char *server_final_message; + + switch (result) { + case PASSDB_RESULT_OK: + if (!verify_credentials(request, credentials, size)) { + auth_request_log_info(auth_request, "scram-sha-1", + "password mismatch"); + auth_request_fail(auth_request); + } else { + request->authenticated = TRUE; + server_final_message = get_scram_server_final(request); + auth_request_handler_reply_continue(auth_request, + server_final_message, + strlen(server_final_message)); + } + break; + case PASSDB_RESULT_INTERNAL_FAILURE: + auth_request_internal_failure(auth_request); + break; + default: + auth_request_fail(auth_request); + break; + } +} + +static bool parse_scram_client_final(struct scram_auth_request *request, + const unsigned char *data, + size_t size ATTR_UNUSED, + const char **error) +{ + const char **fields; From dovecot at dovecot.org Wed Nov 23 22:56:40 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 23 Nov 2011 22:56:40 +0200 Subject: dovecot-2.1: auth: Cleanups, fix and Dovecot code-stylifications... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/34b3655ca484 changeset: 13764:34b3655ca484 user: Timo Sirainen date: Wed Nov 23 22:55:57 2011 +0200 description: auth: Cleanups, fix and Dovecot code-stylifications to SCRAM-SHA-1. diffstat: src/auth/mech-scram-sha1.c | 186 ++++++++++++++++++++++---------------------- 1 files changed, 92 insertions(+), 94 deletions(-) diffs (truncated from 394 to 300 lines): diff -r c69790ad93c1 -r 34b3655ca484 src/auth/mech-scram-sha1.c --- a/src/auth/mech-scram-sha1.c Fri Sep 16 02:24:00 2011 +0200 +++ b/src/auth/mech-scram-sha1.c Wed Nov 23 22:55:57 2011 +0200 @@ -16,6 +16,11 @@ #include "strfuncs.h" #include "mech.h" +/* SCRAM hash iteration count. RFC says it SHOULD be at least 4096 */ +#define SCRAM_ITERATE_COUNT 4096 +/* s-nonce length */ +#define SCRAM_SERVER_NONCE_LEN 64 + struct scram_auth_request { struct auth_request auth_request; @@ -23,16 +28,16 @@ unsigned int authenticated:1; /* sent: */ - char *server_first_message; + const char *server_first_message; unsigned char salt[16]; unsigned char salted_password[SHA1_RESULTLEN]; /* received: */ - char *gs2_cbind_flag; - char *cnonce; - char *snonce; - char *client_first_message_bare; - char *client_final_message_without_proof; + const char *gs2_cbind_flag; + const char *cnonce; + const char *snonce; + const char *client_first_message_bare; + const char *client_final_message_without_proof; buffer_t *proof; }; @@ -42,7 +47,7 @@ { struct hmac_sha1_context ctx; unsigned char U[SHA1_RESULTLEN]; - size_t j, k; + unsigned int j, k; /* Calculate U1 */ hmac_sha1_init(&ctx, str, str_size); @@ -52,7 +57,7 @@ memcpy(result, U, SHA1_RESULTLEN); - /* Calculate U2 to Ui and Hi*/ + /* Calculate U2 to Ui and Hi */ for (j = 2; j <= i; j++) { hmac_sha1_init(&ctx, str, str_size); hmac_sha1_update(&ctx, U, sizeof(U)); @@ -64,7 +69,7 @@ static const char *get_scram_server_first(struct scram_auth_request *request) { - unsigned char snonce[65]; + unsigned char snonce[SCRAM_SERVER_NONCE_LEN+1]; string_t *str; size_t i; @@ -77,16 +82,15 @@ snonce[i] = '~'; } snonce[sizeof(snonce)-1] = '\0'; - request->snonce = p_strndup(request->pool, snonce, sizeof(snonce)); random_fill(request->salt, sizeof(request->salt)); str = t_str_new(MAX_BASE64_ENCODED_SIZE(sizeof(request->salt))); + str_printfa(str, "r=%s%s,s=", request->cnonce, request->snonce); base64_encode(request->salt, sizeof(request->salt), str); - - return t_strdup_printf("r=%s%s,s=%s,i=%i", request->cnonce, - request->snonce, str_c(str), 4096); + str_printfa(str, ",i=%d", SCRAM_ITERATE_COUNT); + return str_c(str); } static const char *get_scram_server_final(struct scram_auth_request *request) @@ -102,97 +106,101 @@ request->client_final_message_without_proof, NULL); hmac_sha1_init(&ctx, request->salted_password, - sizeof(request->salted_password)); + sizeof(request->salted_password)); hmac_sha1_update(&ctx, "Server Key", 10); hmac_sha1_final(&ctx, server_key); safe_memset(request->salted_password, 0, - sizeof(request->salted_password)); + sizeof(request->salted_password)); hmac_sha1_init(&ctx, server_key, sizeof(server_key)); hmac_sha1_update(&ctx, auth_message, strlen(auth_message)); hmac_sha1_final(&ctx, server_signature); str = t_str_new(MAX_BASE64_ENCODED_SIZE(sizeof(server_signature))); + str_append(str, "v="); base64_encode(server_signature, sizeof(server_signature), str); - return t_strdup_printf("v=%s", str_c(str)); + return str_c(str); +} + +static const char *scram_unescape_username(const char *in) +{ + string_t *out; + + out = t_str_new(64); + for (; *in != '\0'; in++) { + i_assert(in[0] != ','); /* strsplit should have caught this */ + + if (in[0] == '=') { + if (in[1] == '2' && in[2] == 'C') + str_append_c(out, ','); + else if (in[1] == '3' && in[2] == 'D') + str_append_c(out, '='); + else + return NULL; + in += 2; + } else { + str_append_c(out, *in); + } + } + return str_c(out); } static bool parse_scram_client_first(struct scram_auth_request *request, const unsigned char *data, size_t size, - const char **error) + const char **error_r) { const char *const *fields; - const char *p; - string_t *username; fields = t_strsplit(t_strndup(data, size), ","); - if (str_array_length(fields) < 4) { - *error = "Invalid initial client message"; + *error_r = "Invalid initial client message"; return FALSE; } switch (fields[0][0]) { case 'p': - *error = "Channel binding not supported"; + *error_r = "Channel binding not supported"; return FALSE; case 'y': case 'n': request->gs2_cbind_flag = p_strdup(request->pool, fields[0]); break; default: - *error = "Invalid GS2 header"; + *error_r = "Invalid GS2 header"; return FALSE; } if (fields[1][0] != '\0') { - *error = "authzid not supported"; + *error_r = "authzid not supported"; return FALSE; } - if (fields[2][0] == 'm') { - *error = "Mandatory extension(s) not supported"; + *error_r = "Mandatory extension(s) not supported"; return FALSE; } - if (fields[2][0] == 'n') { /* Unescape username */ - username = t_str_new(0); + const char *username = + scram_unescape_username(fields[2] + 2); - for (p = fields[2] + 2; *p != '\0'; p++) { - if (p[0] == '=') { - if (p[1] == '2' && p[2] == 'C') { - str_append_c(username, ','); - } else if (p[1] == '3' && p[2] == 'D') { - str_append_c(username, '='); - } else { - *error = "Username contains " - "forbidden character(s)"; - return FALSE; - } - p += 2; - } else if (p[0] == ',') { - *error = "Username contains " - "forbidden character(s)"; - return FALSE; - } else { - str_append_c(username, *p); - } + if (username == NULL) { + *error_r = "Username escaping is invalid"; + return FALSE; } if (!auth_request_set_username(&request->auth_request, - str_c(username), error)) - return FALSE; + username, error_r)) + return FALSE; } else { - *error = "Invalid username"; + *error_r = "Invalid username field"; return FALSE; } if (fields[3][0] == 'r') request->cnonce = p_strdup(request->pool, fields[3]+2); else { - *error = "Invalid client nonce"; + *error_r = "Invalid client nonce"; return FALSE; } @@ -200,7 +208,6 @@ otherwise the GS2 header doesn't have a fixed length */ request->client_first_message_bare = p_strndup(request->pool, data + 3, size - 3); - return TRUE; } @@ -215,8 +222,8 @@ size_t i; /* FIXME: credentials should be SASLprepped UTF8 data here */ - Hi(credentials, size, request->salt, sizeof(request->salt), 4096, - request->salted_password); + Hi(credentials, size, request->salt, sizeof(request->salt), + SCRAM_ITERATE_COUNT, request->salted_password); hmac_sha1_init(&ctx, request->salted_password, sizeof(request->salted_password)); @@ -239,11 +246,8 @@ safe_memset(client_key, 0, sizeof(client_key)); safe_memset(stored_key, 0, sizeof(stored_key)); - if (!memcmp(client_signature, request->proof->data, - request->proof->used)) - return TRUE; - - return FALSE; + return memcmp(client_signature, request->proof->data, + request->proof->used) == 0; } static void credentials_callback(enum passdb_result result, @@ -258,14 +262,14 @@ case PASSDB_RESULT_OK: if (!verify_credentials(request, credentials, size)) { auth_request_log_info(auth_request, "scram-sha-1", - "password mismatch"); + "password mismatch"); auth_request_fail(auth_request); } else { request->authenticated = TRUE; server_final_message = get_scram_server_final(request); auth_request_handler_reply_continue(auth_request, - server_final_message, - strlen(server_final_message)); + server_final_message, + strlen(server_final_message)); } break; case PASSDB_RESULT_INTERNAL_FAILURE: @@ -278,35 +282,33 @@ } static bool parse_scram_client_final(struct scram_auth_request *request, - const unsigned char *data, - size_t size ATTR_UNUSED, - const char **error) + const unsigned char *data, size_t size, + const char **error_r) { - const char **fields; + const char **fields, *cbind_input, *nonce_str; unsigned int field_count; - const char *cbind_input; string_t *str; - fields = t_strsplit((const char*)data, ","); + fields = t_strsplit(t_strndup(data, size), ","); field_count = str_array_length(fields); - if (field_count < 3) { - *error = "Invalid final client message"; + *error_r = "Invalid final client message"; return FALSE; From dovecot at dovecot.org Thu Nov 24 00:53:50 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 24 Nov 2011 00:53:50 +0200 Subject: dovecot-2.1: auth: If client gives "final-resp-ok" parameter, se... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/f2608c3a64ee changeset: 13765:f2608c3a64ee user: Timo Sirainen date: Thu Nov 24 00:51:27 2011 +0200 description: auth: If client gives "final-resp-ok" parameter, send it in OK reply with DIGEST-MD5, SCRAM-SHA-1 diffstat: src/auth/auth-request.c | 16 +++++++++++++++- src/auth/auth-request.h | 1 + src/auth/mech-digest-md5.c | 14 ++------------ src/auth/mech-scram-sha1.c | 14 ++------------ 4 files changed, 20 insertions(+), 25 deletions(-) diffs (129 lines): diff -r 34b3655ca484 -r f2608c3a64ee src/auth/auth-request.c --- a/src/auth/auth-request.c Wed Nov 23 22:55:57 2011 +0200 +++ b/src/auth/auth-request.c Thu Nov 24 00:51:27 2011 +0200 @@ -111,8 +111,15 @@ return; } + request->successful = TRUE; + if (data_size > 0 && !request->final_resp_ok) { + /* we'll need one more SASL round, since client doesn't support + the final SASL response */ + auth_request_handler_reply_continue(request, data, data_size); + return; + } + auth_request_set_state(request, AUTH_REQUEST_STATE_FINISHED); - request->successful = TRUE; auth_request_refresh_last_access(request); auth_request_handler_reply(request, AUTH_CLIENT_RESULT_SUCCESS, data, data_size); @@ -235,6 +242,8 @@ /* auth client may set these */ if (strcmp(key, "secured") == 0) request->secured = TRUE; + else if (strcmp(key, "final-resp-ok") == 0) + request->final_resp_ok = TRUE; else if (strcmp(key, "no-penalty") == 0) request->no_penalty = TRUE; else if (strcmp(key, "valid-client-cert") == 0) @@ -296,6 +305,11 @@ { i_assert(request->state == AUTH_REQUEST_STATE_MECH_CONTINUE); + if (request->successful) { + auth_request_success(request, NULL, 0); + return; + } + auth_request_refresh_last_access(request); request->mech->auth_continue(request, data, data_size); } diff -r 34b3655ca484 -r f2608c3a64ee src/auth/auth-request.h --- a/src/auth/auth-request.h Wed Nov 23 22:55:57 2011 +0200 +++ b/src/auth/auth-request.h Thu Nov 24 00:51:27 2011 +0200 @@ -111,6 +111,7 @@ unsigned int userdb_lookup:1; unsigned int userdb_lookup_failed:1; unsigned int secured:1; + unsigned int final_resp_ok:1; unsigned int removed_from_handler:1; /* ... mechanism specific data ... */ diff -r 34b3655ca484 -r f2608c3a64ee src/auth/mech-digest-md5.c --- a/src/auth/mech-digest-md5.c Wed Nov 23 22:55:57 2011 +0200 +++ b/src/auth/mech-digest-md5.c Thu Nov 24 00:51:27 2011 +0200 @@ -34,7 +34,6 @@ struct auth_request auth_request; pool_t pool; - unsigned int authenticated:1; /* requested: */ char *nonce; @@ -505,10 +504,8 @@ return; } - request->authenticated = TRUE; - auth_request_handler_reply_continue(auth_request, - request->rspauth, - strlen(request->rspauth)); + auth_request_success(auth_request, request->rspauth, + strlen(request->rspauth)); break; case PASSDB_RESULT_INTERNAL_FAILURE: auth_request_internal_failure(auth_request); @@ -527,13 +524,6 @@ (struct digest_auth_request *)auth_request; const char *username, *error; - if (request->authenticated) { - /* authentication is done, we were just waiting the last - word from client */ - auth_request_success(auth_request, NULL, 0); - return; - } - if (parse_digest_response(request, data, data_size, &error)) { if (auth_request->realm != NULL && strchr(request->username, '@') == NULL) { diff -r 34b3655ca484 -r f2608c3a64ee src/auth/mech-scram-sha1.c --- a/src/auth/mech-scram-sha1.c Wed Nov 23 22:55:57 2011 +0200 +++ b/src/auth/mech-scram-sha1.c Thu Nov 24 00:51:27 2011 +0200 @@ -25,7 +25,6 @@ struct auth_request auth_request; pool_t pool; - unsigned int authenticated:1; /* sent: */ const char *server_first_message; @@ -265,11 +264,9 @@ "password mismatch"); auth_request_fail(auth_request); } else { - request->authenticated = TRUE; server_final_message = get_scram_server_final(request); - auth_request_handler_reply_continue(auth_request, - server_final_message, - strlen(server_final_message)); + auth_request_success(auth_request, server_final_message, + strlen(server_final_message)); } break; case PASSDB_RESULT_INTERNAL_FAILURE: @@ -348,13 +345,6 @@ (struct scram_auth_request *)auth_request; const char *error = NULL; - if (request->authenticated) { - /* authentication is done, we were just waiting the last (empty) - client response */ - auth_request_success(auth_request, NULL, 0); - return; - } - if (!request->client_first_message_bare) { /* Received client-first-message */ if (parse_scram_client_first(request, data, From dovecot at dovecot.org Thu Nov 24 00:53:50 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 24 Nov 2011 00:53:50 +0200 Subject: dovecot-2.1: lib-auth: Added AUTH_REQUEST_FLAG_SUPPORT_FINAL_RES... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/a19fb078a259 changeset: 13766:a19fb078a259 user: Timo Sirainen date: Thu Nov 24 00:51:41 2011 +0200 description: lib-auth: Added AUTH_REQUEST_FLAG_SUPPORT_FINAL_RESP flag. diffstat: src/lib-auth/auth-client-request.c | 2 ++ src/lib-auth/auth-client.h | 4 +++- 2 files changed, 5 insertions(+), 1 deletions(-) diffs (26 lines): diff -r f2608c3a64ee -r a19fb078a259 src/lib-auth/auth-client-request.c --- a/src/lib-auth/auth-client-request.c Thu Nov 24 00:51:27 2011 +0200 +++ b/src/lib-auth/auth-client-request.c Thu Nov 24 00:51:41 2011 +0200 @@ -34,6 +34,8 @@ str_append(str, "\tservice="); str_tabescape_write(str, info->service); + if ((info->flags & AUTH_REQUEST_FLAG_SUPPORT_FINAL_RESP) != 0) + str_append(str, "\tfinal-resp-ok"); if ((info->flags & AUTH_REQUEST_FLAG_SECURED) != 0) str_append(str, "\tsecured"); if ((info->flags & AUTH_REQUEST_FLAG_NO_PENALTY) != 0) diff -r f2608c3a64ee -r a19fb078a259 src/lib-auth/auth-client.h --- a/src/lib-auth/auth-client.h Thu Nov 24 00:51:27 2011 +0200 +++ b/src/lib-auth/auth-client.h Thu Nov 24 00:51:41 2011 +0200 @@ -11,7 +11,9 @@ AUTH_REQUEST_FLAG_SECURED = 0x01, AUTH_REQUEST_FLAG_VALID_CLIENT_CERT = 0x02, /* Skip penalty checks for this request */ - AUTH_REQUEST_FLAG_NO_PENALTY = 0x04 + AUTH_REQUEST_FLAG_NO_PENALTY = 0x04, + /* Support final SASL response */ + AUTH_REQUEST_FLAG_SUPPORT_FINAL_RESP = 0x08 }; enum auth_request_status { From dovecot at dovecot.org Thu Nov 24 00:53:50 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 24 Nov 2011 00:53:50 +0200 Subject: dovecot-2.1: login: Use AUTH_REQUEST_FLAG_SUPPORT_FINAL_RESP if ... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/4ecb77154ac7 changeset: 13767:4ecb77154ac7 user: Timo Sirainen date: Thu Nov 24 00:52:09 2011 +0200 description: login: Use AUTH_REQUEST_FLAG_SUPPORT_FINAL_RESP if protocol supports it. diffstat: src/imap-login/client.c | 4 +++- src/login-common/login-common.h | 2 ++ src/login-common/sasl-server.c | 2 ++ src/pop3-login/client.c | 4 +++- 4 files changed, 10 insertions(+), 2 deletions(-) diffs (52 lines): diff -r a19fb078a259 -r 4ecb77154ac7 src/imap-login/client.c --- a/src/imap-login/client.c Thu Nov 24 00:51:41 2011 +0200 +++ b/src/imap-login/client.c Thu Nov 24 00:52:09 2011 +0200 @@ -499,7 +499,9 @@ .client_vfuncs = &imap_client_vfuncs, .preinit = imap_login_preinit, .init = imap_login_init, - .deinit = imap_login_deinit + .deinit = imap_login_deinit, + + .sasl_support_final_reply = FALSE }; int main(int argc, char *argv[]) diff -r a19fb078a259 -r 4ecb77154ac7 src/login-common/login-common.h --- a/src/login-common/login-common.h Thu Nov 24 00:51:41 2011 +0200 +++ b/src/login-common/login-common.h Thu Nov 24 00:52:09 2011 +0200 @@ -27,6 +27,8 @@ void (*preinit)(void); void (*init)(void); void (*deinit)(void); + + bool sasl_support_final_reply; }; extern const struct login_binary *login_binary; diff -r a19fb078a259 -r 4ecb77154ac7 src/login-common/sasl-server.c --- a/src/login-common/sasl-server.c Thu Nov 24 00:51:41 2011 +0200 +++ b/src/login-common/sasl-server.c Thu Nov 24 00:52:09 2011 +0200 @@ -72,6 +72,8 @@ /* e.g. webmail */ auth_flags |= AUTH_REQUEST_FLAG_NO_PENALTY; } + if (login_binary->sasl_support_final_reply) + auth_flags |= AUTH_REQUEST_FLAG_SUPPORT_FINAL_RESP; return auth_flags; } diff -r a19fb078a259 -r 4ecb77154ac7 src/pop3-login/client.c --- a/src/pop3-login/client.c Thu Nov 24 00:51:41 2011 +0200 +++ b/src/pop3-login/client.c Thu Nov 24 00:52:09 2011 +0200 @@ -252,7 +252,9 @@ .client_vfuncs = &pop3_client_vfuncs, .preinit = pop3_login_preinit, .init = pop3_login_init, - .deinit = pop3_login_deinit + .deinit = pop3_login_deinit, + + .sasl_support_final_reply = FALSE }; int main(int argc, char *argv[]) From dovecot at dovecot.org Thu Nov 24 00:53:50 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 24 Nov 2011 00:53:50 +0200 Subject: dovecot-2.1: lib-storage: Getting headers as UTF-8 could have re... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/40aba52a4386 changeset: 13768:40aba52a4386 user: Timo Sirainen date: Thu Nov 24 00:53:37 2011 +0200 description: lib-storage: Getting headers as UTF-8 could have returned garbage for multi-line headers. diffstat: src/lib-storage/index/index-mail-headers.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diffs (12 lines): diff -r 4ecb77154ac7 -r 40aba52a4386 src/lib-storage/index/index-mail-headers.c --- a/src/lib-storage/index/index-mail-headers.c Thu Nov 24 00:52:09 2011 +0200 +++ b/src/lib-storage/index/index-mail-headers.c Thu Nov 24 00:53:37 2011 +0200 @@ -717,7 +717,7 @@ /* decode MIME encoded-words. decoding may also add new LFs. */ if (message_header_decode_utf8((const unsigned char *)input, - strlen(list[i]), str, FALSE)) + strlen(input), str, FALSE)) input = p_strdup(mail->data_pool, str_c(str)); decoded_list[i] = input; } From dovecot at dovecot.org Thu Nov 24 01:12:45 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 24 Nov 2011 01:12:45 +0200 Subject: dovecot-2.1: auth: LDAP iterate's debug message didn't use expan... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/1fed3c1c166e changeset: 13769:1fed3c1c166e user: Timo Sirainen date: Thu Nov 24 01:12:33 2011 +0200 description: auth: LDAP iterate's debug message didn't use expanded base string. diffstat: src/auth/userdb-ldap.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diffs (12 lines): diff -r 40aba52a4386 -r 1fed3c1c166e src/auth/userdb-ldap.c --- a/src/auth/userdb-ldap.c Thu Nov 24 00:53:37 2011 +0200 +++ b/src/auth/userdb-ldap.c Thu Nov 24 01:12:33 2011 +0200 @@ -222,7 +222,7 @@ if (global_auth_settings->debug) { i_debug("ldap: iterate: base=%s scope=%s filter=%s fields=%s", - conn->set.base, conn->set.scope, + request->request.base, conn->set.scope, request->request.filter, attr_names == NULL ? "(all)" : t_strarray_join(attr_names, ",")); } From pigeonhole at rename-it.nl Thu Nov 24 01:25:48 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Thu, 24 Nov 2011 00:25:48 +0100 Subject: dovecot-2.1-pigeonhole: Added editheader support. Message-ID: details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/253a0672ad92 changeset: 1549:253a0672ad92 user: Stephan Bosch date: Thu Nov 24 00:24:47 2011 +0100 description: Added editheader support. diffstat: Makefile.am | 4 + README | 2 +- TODO | 2 + configure.in | 1 + doc/rfc/editheader.rfc5293.txt | 507 +++++ src/lib-sieve/Makefile.am | 4 + src/lib-sieve/cmd-keep.c | 3 + src/lib-sieve/cmd-redirect.c | 18 +- src/lib-sieve/edit-mail.c | 1704 +++++++++++++++++++ src/lib-sieve/edit-mail.h | 46 + src/lib-sieve/ext-fileinto.c | 3 + src/lib-sieve/plugins/Makefile.am | 1 + src/lib-sieve/plugins/editheader/Makefile.am | 16 + src/lib-sieve/plugins/editheader/cmd-addheader.c | 252 ++ src/lib-sieve/plugins/editheader/cmd-deleteheader.c | 532 ++++++ src/lib-sieve/plugins/editheader/ext-editheader-common.c | 28 + src/lib-sieve/plugins/editheader/ext-editheader-common.h | 33 + src/lib-sieve/plugins/editheader/ext-editheader.c | 67 + src/lib-sieve/rfc2822.c | 124 +- src/lib-sieve/rfc2822.h | 4 + src/lib-sieve/sieve-actions.c | 18 +- src/lib-sieve/sieve-actions.h | 1 + src/lib-sieve/sieve-extensions.c | 4 +- src/lib-sieve/sieve-interpreter.c | 1 + src/lib-sieve/sieve-match-types.c | 22 + src/lib-sieve/sieve-match-types.h | 3 + src/lib-sieve/sieve-message.c | 56 +- src/lib-sieve/sieve-message.h | 10 + src/lib-sieve/sieve-result.c | 2 + src/lib-sieve/tst-exists.c | 5 +- src/lib-sieve/tst-size.c | 6 +- src/testsuite/testsuite-message.c | 28 +- tests/extensions/editheader/addheader.svtest | 323 +++ tests/extensions/editheader/alternating.svtest | 122 + tests/extensions/editheader/deleteheader.svtest | 833 +++++++++ tests/extensions/editheader/utf8.svtest | 49 + 36 files changed, 4756 insertions(+), 78 deletions(-) diffs (truncated from 5435 to 300 lines): diff -r c94b71745f38 -r 253a0672ad92 Makefile.am --- a/Makefile.am Sat Nov 19 17:51:03 2011 +0100 +++ b/Makefile.am Thu Nov 24 00:24:47 2011 +0100 @@ -126,6 +126,10 @@ tests/extensions/ihave/execute.svtest \ tests/extensions/ihave/errors.svtest \ tests/extensions/ihave/restrictions.svtest \ + tests/extensions/editheader/addheader.svtest \ + tests/extensions/editheader/deleteheader.svtest \ + tests/extensions/editheader/alternating.svtest \ + tests/extensions/editheader/utf8.svtest \ tests/extensions/vnd.dovecot/debug/execute.svtest \ tests/deprecated/notify/basic.svtest \ tests/deprecated/notify/mailto.svtest \ diff -r c94b71745f38 -r 253a0672ad92 README --- a/README Sat Nov 19 17:51:03 2011 +0100 +++ b/README Thu Nov 24 00:24:47 2011 +0100 @@ -112,6 +112,7 @@ spamtest and virustest (RFC 5235): fully supported (v0.1.16+), but currently considered experimental. date (RFC 5260; Section 4): fully supported (v0.1.12+). + editheader (RFC 5293): fully supported (v0.3.0+). reject (RFC 5429; Section 2.2): fully supported. enotify (RFC 5435): fully supported (v0.1.3+). mailto method (RFC 5436): fully supported (v0.1.3+). @@ -142,7 +143,6 @@ author has taken notice of the following extensions: index (RFC 5260; page 7): planned. - editheader (RFC 5293): planned. foreverypart, mime, replace, enclose, and extracttext (RFC 5703): planned. These extensions will be added as soon as the necessary infrastructure is diff -r c94b71745f38 -r 253a0672ad92 TODO --- a/TODO Sat Nov 19 17:51:03 2011 +0100 +++ b/TODO Thu Nov 24 00:24:47 2011 +0100 @@ -1,6 +1,8 @@ Current activities: * Implement editheader extension + - Add header value verification to addheader command + - Add testsuite items for various error conditions Parallel plugin-based efforts: diff -r c94b71745f38 -r 253a0672ad92 configure.in --- a/configure.in Sat Nov 19 17:51:03 2011 +0100 +++ b/configure.in Thu Nov 24 00:24:47 2011 +0100 @@ -118,6 +118,7 @@ src/lib-sieve/plugins/date/Makefile src/lib-sieve/plugins/spamvirustest/Makefile src/lib-sieve/plugins/ihave/Makefile +src/lib-sieve/plugins/editheader/Makefile src/lib-sieve/plugins/vnd.dovecot/Makefile src/lib-sieve/plugins/vnd.dovecot/debug/Makefile src/lib-sieve-tool/Makefile diff -r c94b71745f38 -r 253a0672ad92 doc/rfc/editheader.rfc5293.txt --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/doc/rfc/editheader.rfc5293.txt Thu Nov 24 00:24:47 2011 +0100 @@ -0,0 +1,507 @@ + + + + + + +Network Working Group J. Degener +Request for Comments: 5293 P. Guenther +Category: Standards Track Sendmail, Inc. + August 2008 + + + Sieve Email Filtering: Editheader Extension + +Status of This Memo + + This document specifies an Internet standards track protocol for the + Internet community, and requests discussion and suggestions for + improvements. Please refer to the current edition of the "Internet + Official Protocol Standards" (STD 1) for the standardization state + and status of this protocol. Distribution of this memo is unlimited. + +Abstract + + This document defines two new actions for the "Sieve" email filtering + language that add and delete email header fields. + +1. Introduction + + Email header fields are a flexible and easy-to-understand means of + communication between email processors. This extension enables sieve + scripts to interact with other components that consume or produce + header fields by allowing the script to delete and add header fields. + +2. Conventions Used in This Document + + The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", + "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this + document are to be interpreted as described in [KEYWORDS]. + + Conventions for notations are as in Section 1.1 of [SIEVE], including + use of the "Usage:" label for the definition of action and tagged + arguments syntax. + + The term "header field" is used here as in [IMAIL] to mean a logical + line of an email message header. + +3. Capability Identifier + + The capability string associated with the extension defined in this + document is "editheader". + + + + + + +Degener & Guenther Standards Track [Page 1] + +RFC 5293 Sieve Email Filtering: Editheader Extension August 2008 + + +4. Action addheader + + Usage: "addheader" [":last"] + + The addheader action adds a header field to the existing message + header. If the field-name is not a valid 7-bit US-ASCII header field + name, as described by the [IMAIL] "field-name" nonterminal syntax + element, the implementation MUST flag an error. The addheader action + does not affect Sieve's implicit keep. + + If the specified field value does not match the [IMAIL] + "unstructured" nonterminal syntax element or exceeds a length limit + set by the implementation, the implementation MUST either flag an + error or encode the field using folding white space and the encodings + described in [MIME3] or [MIMEPARAM] to be compliant with [IMAIL]. + + An implementation MAY impose a length limit onto the size of the + encoded header field; such a limit MUST NOT be less than 998 + characters, not including the terminating CRLF supplied by the + implementation. + + By default, the header field is inserted at the beginning of the + existing message header. If the optional flag ":last" is specified, + it is appended at the end. + + Example: + + /* Don't redirect if we already redirected */ + if not header :contains "X-Sieve-Filtered" + ["", ""] + { + addheader "X-Sieve-Filtered" ""; + redirect "kim at home.example.com"; + } + +5. Action deleteheader + + Usage: "deleteheader" [":index" [":last"]] + [COMPARATOR] [MATCH-TYPE] + + [] + + By default, the deleteheader action deletes all occurrences of the + named header field. The deleteheader action does not affect Sieve's + implicit keep. + + + + + + +Degener & Guenther Standards Track [Page 2] + +RFC 5293 Sieve Email Filtering: Editheader Extension August 2008 + + + The field-name is mandatory and always matched as a case-insensitive + US-ASCII string. If the field-name is not a valid 7-bit header field + name as described by the [IMAIL] "field-name" nonterminal syntax + element, the implementation MUST flag an error. + + The value-patterns, if specified, restrict which occurrences of the + header field are deleted to those whose values match any of the + specified value-patterns, the matching being according to the match- + type and comparator and performed as if by the "header" test. In + particular, leading and trailing whitespace in the field values is + ignored. If no value-patterns are specified, then the comparator and + match-type options are silently ignored. + + If :index is specified, the attempts to match a value are + limited to the occurrence of the named header field, + beginning at 1, the first named header field. If :last is specified, + the count is backwards; 1 denotes the last named header field, 2 the + second to last, and so on. The counting happens before the match, if any. For example: + + deleteheader :index 1 :contains "Delivered-To" + "bob at example.com"; + + deletes the first "Delivered-To" header field if it contains the + string "bob at example.com" (not the first "Delivered-To" field that + contains "bob at example.com"). + + It is not an error if no header fields match the conditions in the + deleteheader action or if the :index argument is greater than the + number of named header fields. + + The implementation MUST flag an error if :last is specified without + also specifying :index. + +6. Implementation Limitations on Changes + + As a matter of local policy, implementations MAY limit which header + fields may be deleted and which header fields may be added. However, + implementations MUST NOT permit attempts to delete "Received" and + "Auto-Submitted" header fields and MUST permit both addition and + deletion of the "Subject" header field. + + If a script tries to make a change that isn't permitted, the attempt + MUST be silently ignored. + + + + + + + +Degener & Guenther Standards Track [Page 3] + +RFC 5293 Sieve Email Filtering: Editheader Extension August 2008 + + +7. Interaction with Other Sieve Extensions + + Actions that generate [MDN], [DSN], or similar disposition messages + MUST do so using the original, unmodified message header. Similarly, + if an error terminates processing of the script, the original message + header MUST be used when doing the implicit keep required by Section + 2.10.6 of [SIEVE]. + + All other actions that store, send, or alter the message MUST do so + with the current set of header fields. This includes the addheader + and deleteheader actions themselves. For example, the following + leaves the message unchanged: + + addheader "X-Hello" "World"; + deleteheader :index 1 "X-Hello"; + + Similarly, given a message with three or more "X-Hello" header + fields, the following example deletes the first and third of them, + not the first and second: + + deleteheader :index 1 "X-Hello"; + deleteheader :index 2 "X-Hello"; + + Tests and actions such as "exists", "header", or "vacation" + [VACATION] that examine header fields MUST examine the current state + of a header as modified by any actions that have taken place so far. + + As an example, the "header" test in the following fragment will + always evaluate to true, regardless of whether or not the incoming + message contained an "X-Hello" header field: + + addheader "X-Hello" "World"; + if header :contains "X-Hello" "World" + { + fileinto "international"; + } + + However, if the presence or value of a header field affects how the + implementation parses or decodes other parts of the message, then, + for the purposes of that parsing or decoding, the implementation MAY + ignore some or all changes made to those header fields. For example, + in an implementation that supports the [BODY] extension, "body" tests + may be unaffected by deleting or adding "Content-Type" or "Content- + Transfer-Encoding" header fields. This does not rescind the + requirement that changes to those header fields affect direct tests; + only the semantic side effects of changes to the fields may be + ignored. + + + + +Degener & Guenther Standards Track [Page 4] + +RFC 5293 Sieve Email Filtering: Editheader Extension August 2008 + + + For the purpose of weeding out duplicates, a message modified by + addheader or deleteheader MUST be considered the same as the original + message. For example, in an implementation that obeys the constraint + in Section 2.10.3 of [SIEVE] and does not deliver the same message to + a folder more than once, the following code fragment + + keep; + addheader "X-Flavor" "vanilla"; + keep; + From pigeonhole at rename-it.nl Thu Nov 24 01:50:17 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Thu, 24 Nov 2011 00:50:17 +0100 Subject: dovecot-2.1-pigeonhole: lib-sieve: editheader extension: added u... Message-ID: details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/6757a772b086 changeset: 1550:6757a772b086 user: Stephan Bosch date: Thu Nov 24 00:50:11 2011 +0100 description: lib-sieve: editheader extension: added utf8-decoding-related testsuite item. diffstat: tests/extensions/editheader/utf8.svtest | 48 ++++++++++++++++++++++++ 1 files changed, 48 insertions(+), 0 deletions(-) diffs (55 lines): diff -r 253a0672ad92 -r 6757a772b086 tests/extensions/editheader/utf8.svtest --- a/tests/extensions/editheader/utf8.svtest Thu Nov 24 00:24:47 2011 +0100 +++ b/tests/extensions/editheader/utf8.svtest Thu Nov 24 00:50:11 2011 +0100 @@ -47,3 +47,51 @@ } } +test_result_reset; + +test_set "message" text: +Subject: Frop! +Comment: Ein =?utf-8?q?unerh=C3=B6rt_gro=C3=9Fer?= Test +X-Spam: no +From: stephan at example.com +To: stephan at example.com + +Frop! +. +; + +test "UTF8 - existing; delete other; get" { + set "comment" "Ein unerh${unicode:00F6}rt gro${unicode:00DF}er Test"; + + deleteheader "x-spam"; + + if not exists "comment" { + test_fail "header not present"; + } + + if not header :is "comment" "${comment}" { + test_fail "wrong content retrieved"; + } + + redirect "frop at example.com"; + + if not test_result_execute { + test_fail "failed to execute result"; + } + + /* redirected message */ + + if not test_message :smtp 0 { + test_fail "message not redirected"; + } + + if not exists "comment" { + test_fail "header not present in redirected mail"; + } + + if not header :is "comment" "${comment}" { + test_fail "wrong content retrieved from redirected mail"; + } +} + + From dovecot at dovecot.org Thu Nov 24 01:53:12 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 24 Nov 2011 01:53:12 +0200 Subject: dovecot-2.1: lib-ssl-iostream: Call OpenSSL_add_all_algorithms()... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/733ac4aba089 changeset: 13770:733ac4aba089 user: Timo Sirainen date: Thu Nov 24 01:34:02 2011 +0200 description: lib-ssl-iostream: Call OpenSSL_add_all_algorithms() to make some OpenSSL versions happy. diffstat: src/lib-ssl-iostream/iostream-openssl-context.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (11 lines): diff -r 1fed3c1c166e -r 733ac4aba089 src/lib-ssl-iostream/iostream-openssl-context.c --- a/src/lib-ssl-iostream/iostream-openssl-context.c Thu Nov 24 01:12:33 2011 +0200 +++ b/src/lib-ssl-iostream/iostream-openssl-context.c Thu Nov 24 01:34:02 2011 +0200 @@ -438,6 +438,7 @@ ssl_global_initialized = TRUE; SSL_library_init(); SSL_load_error_strings(); + OpenSSL_add_all_algorithms(); dovecot_ssl_extdata_index = SSL_get_ex_new_index(0, dovecot, NULL, NULL, NULL); From dovecot at dovecot.org Thu Nov 24 01:53:12 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 24 Nov 2011 01:53:12 +0200 Subject: dovecot-2.1: login: Save final SASL reply to client struct. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/cc497af529cd changeset: 13771:cc497af529cd user: Timo Sirainen date: Thu Nov 24 01:45:09 2011 +0200 description: login: Save final SASL reply to client struct. diffstat: src/login-common/client-common.h | 1 + src/login-common/sasl-server.c | 9 ++++++--- 2 files changed, 7 insertions(+), 3 deletions(-) diffs (32 lines): diff -r 733ac4aba089 -r cc497af529cd src/login-common/client-common.h --- a/src/login-common/client-common.h Thu Nov 24 01:34:02 2011 +0200 +++ b/src/login-common/client-common.h Thu Nov 24 01:45:09 2011 +0200 @@ -101,6 +101,7 @@ struct auth_client_request *auth_request; string_t *auth_response; time_t auth_first_started; + const char *sasl_final_resp; unsigned int master_auth_id; unsigned int master_tag; diff -r 733ac4aba089 -r cc497af529cd src/login-common/sasl-server.c --- a/src/login-common/sasl-server.c Thu Nov 24 01:34:02 2011 +0200 +++ b/src/login-common/sasl-server.c Thu Nov 24 01:45:09 2011 +0200 @@ -232,11 +232,14 @@ if (strncmp(args[i], "user=", 5) == 0) { i_free(client->virtual_user); client->virtual_user = i_strdup(args[i] + 5); - } - if (strcmp(args[i], "nologin") == 0 || - strcmp(args[i], "proxy") == 0) { + } else if (strcmp(args[i], "nologin") == 0 || + strcmp(args[i], "proxy") == 0) { /* user can't login */ nologin = TRUE; + } else if (strncmp(args[i], "resp=", 5) == 0 && + login_binary->sasl_support_final_reply) { + client->sasl_final_resp = + p_strdup(client->pool, args[i] + 5); } } From dovecot at dovecot.org Thu Nov 24 01:53:12 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 24 Nov 2011 01:53:12 +0200 Subject: dovecot-2.1: login: Do engine cleanups _after_ finishing the use... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/9a474b7934c9 changeset: 13773:9a474b7934c9 user: Timo Sirainen date: Thu Nov 24 01:49:40 2011 +0200 description: login: Do engine cleanups _after_ finishing the used engine. diffstat: src/login-common/ssl-proxy-openssl.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diffs (13 lines): diff -r ca49f570f0c1 -r 9a474b7934c9 src/login-common/ssl-proxy-openssl.c --- a/src/login-common/ssl-proxy-openssl.c Thu Nov 24 01:45:59 2011 +0200 +++ b/src/login-common/ssl-proxy-openssl.c Thu Nov 24 01:49:40 2011 +0200 @@ -1340,8 +1340,8 @@ ssl_free_parameters(&ssl_params); SSL_CTX_free(ssl_client_ctx); if (ssl_engine != NULL) { + ENGINE_finish(ssl_engine); ENGINE_cleanup(); - ENGINE_finish(ssl_engine); } EVP_cleanup(); ERR_free_strings(); From dovecot at dovecot.org Thu Nov 24 01:53:12 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 24 Nov 2011 01:53:12 +0200 Subject: dovecot-2.1: login: Added ssl_crypto_device setting to set OpenS... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/ca49f570f0c1 changeset: 13772:ca49f570f0c1 user: Timo Sirainen date: Thu Nov 24 01:45:59 2011 +0200 description: login: Added ssl_crypto_device setting to set OpenSSL engine. diffstat: src/login-common/login-settings.c | 2 ++ src/login-common/login-settings.h | 1 + src/login-common/ssl-proxy-openssl.c | 19 +++++++++++++++++++ 3 files changed, 22 insertions(+), 0 deletions(-) diffs (80 lines): diff -r cc497af529cd -r ca49f570f0c1 src/login-common/login-settings.c --- a/src/login-common/login-settings.c Thu Nov 24 01:45:09 2011 +0200 +++ b/src/login-common/login-settings.c Thu Nov 24 01:45:59 2011 +0200 @@ -35,6 +35,7 @@ DEF(SET_STR, ssl_cert_username_field), DEF(SET_STR, ssl_client_cert), DEF(SET_STR, ssl_client_key), + DEF(SET_STR, ssl_crypto_device), DEF(SET_BOOL, ssl_verify_client_cert), DEF(SET_BOOL, auth_ssl_require_client_cert), DEF(SET_BOOL, auth_ssl_username_from_cert), @@ -67,6 +68,7 @@ .ssl_cert_username_field = "commonName", .ssl_client_cert = "", .ssl_client_key = "", + .ssl_crypto_device = "", .ssl_verify_client_cert = FALSE, .auth_ssl_require_client_cert = FALSE, .auth_ssl_username_from_cert = FALSE, diff -r cc497af529cd -r ca49f570f0c1 src/login-common/login-settings.h --- a/src/login-common/login-settings.h Thu Nov 24 01:45:09 2011 +0200 +++ b/src/login-common/login-settings.h Thu Nov 24 01:45:59 2011 +0200 @@ -17,6 +17,7 @@ const char *ssl_cert_username_field; const char *ssl_client_cert; const char *ssl_client_key; + const char *ssl_crypto_device; bool ssl_verify_client_cert; bool auth_ssl_require_client_cert; bool auth_ssl_username_from_cert; diff -r cc497af529cd -r ca49f570f0c1 src/login-common/ssl-proxy-openssl.c --- a/src/login-common/ssl-proxy-openssl.c Thu Nov 24 01:45:09 2011 +0200 +++ b/src/login-common/ssl-proxy-openssl.c Thu Nov 24 01:45:59 2011 +0200 @@ -21,6 +21,7 @@ #include "iostream-openssl.h" #include +#include #include #include #include @@ -99,6 +100,7 @@ static struct ssl_proxy *ssl_proxies; static struct ssl_parameters ssl_params; static int ssl_username_nid; +static ENGINE *ssl_engine; static void plain_read(struct ssl_proxy *proxy); static void ssl_read(struct ssl_proxy *proxy); @@ -1274,6 +1276,19 @@ SSL_load_error_strings(); OpenSSL_add_all_algorithms(); + if (*set->ssl_crypto_device != '\0') { + ENGINE_load_builtin_engines(); + ssl_engine = ENGINE_by_id(set->ssl_crypto_device); + if (ssl_engine == NULL) { + i_fatal("Unknown ssl_crypto_device: %s", + set->ssl_crypto_device); + } + ENGINE_init(ssl_engine); + ENGINE_set_default_RSA(ssl_engine); + ENGINE_set_default_DSA(ssl_engine); + ENGINE_set_default_ciphers(ssl_engine); + } + extdata_index = SSL_get_ex_new_index(0, dovecot, NULL, NULL, NULL); ssl_servers = hash_table_create(default_pool, default_pool, 0, @@ -1324,6 +1339,10 @@ ssl_free_parameters(&ssl_params); SSL_CTX_free(ssl_client_ctx); + if (ssl_engine != NULL) { + ENGINE_cleanup(); + ENGINE_finish(ssl_engine); + } EVP_cleanup(); ERR_free_strings(); } From dovecot at dovecot.org Thu Nov 24 01:53:12 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 24 Nov 2011 01:53:12 +0200 Subject: dovecot-2.1: lib-ssl-iostream: Added crypto_device setting to se... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/e56409d9615c changeset: 13774:e56409d9615c user: Timo Sirainen date: Thu Nov 24 01:49:58 2011 +0200 description: lib-ssl-iostream: Added crypto_device setting to set OpenSSL engine. Multiple engines aren't supported, so the first crypto_device value gets used for all SSL connections. diffstat: src/lib-ssl-iostream/iostream-openssl-context.c | 27 +++++++++++++++++++++--- src/lib-ssl-iostream/iostream-ssl.h | 1 + 2 files changed, 24 insertions(+), 4 deletions(-) diffs (87 lines): diff -r 9a474b7934c9 -r e56409d9615c src/lib-ssl-iostream/iostream-openssl-context.c --- a/src/lib-ssl-iostream/iostream-openssl-context.c Thu Nov 24 01:49:40 2011 +0200 +++ b/src/lib-ssl-iostream/iostream-openssl-context.c Thu Nov 24 01:49:58 2011 +0200 @@ -6,6 +6,7 @@ #include #include +#include #include #include #include @@ -17,9 +18,10 @@ }; static bool ssl_global_initialized = FALSE; +static ENGINE *ssl_iostream_engine; int dovecot_ssl_extdata_index; -static void ssl_iostream_init_global(void); +static void ssl_iostream_init_global(const struct ssl_iostream_settings *set); const char *ssl_iostream_error(void) { @@ -369,7 +371,7 @@ struct ssl_iostream_context *ctx; SSL_CTX *ssl_ctx; - ssl_iostream_init_global(); + ssl_iostream_init_global(set); if ((ssl_ctx = SSL_CTX_new(SSLv23_client_method())) == NULL) { i_error("SSL_CTX_new() failed: %s", ssl_iostream_error()); return -1; @@ -393,7 +395,7 @@ struct ssl_iostream_context *ctx; SSL_CTX *ssl_ctx; - ssl_iostream_init_global(); + ssl_iostream_init_global(set); if ((ssl_ctx = SSL_CTX_new(SSLv23_server_method())) == NULL) { i_error("SSL_CTX_new() failed: %s", ssl_iostream_error()); return -1; @@ -422,11 +424,14 @@ static void ssl_iostream_deinit_global(void) { + if (ssl_iostream_engine != NULL) + ENGINE_finish(ssl_iostream_engine); + ENGINE_cleanup(); EVP_cleanup(); ERR_free_strings(); } -static void ssl_iostream_init_global(void) +static void ssl_iostream_init_global(const struct ssl_iostream_settings *set) { static char dovecot[] = "dovecot"; unsigned char buf; @@ -448,4 +453,18 @@ the first try, so this function may fail. It's still been initialized though. */ (void)RAND_bytes(&buf, 1); + + if (set->crypto_device != NULL && *set->crypto_device != '\0') { + ENGINE_load_builtin_engines(); + ssl_iostream_engine = ENGINE_by_id(set->crypto_device); + if (ssl_iostream_engine == NULL) { + i_error("Unknown ssl_crypto_device: %s", + set->crypto_device); + } else { + ENGINE_init(ssl_iostream_engine); + ENGINE_set_default_RSA(ssl_iostream_engine); + ENGINE_set_default_DSA(ssl_iostream_engine); + ENGINE_set_default_ciphers(ssl_iostream_engine); + } + } } diff -r 9a474b7934c9 -r e56409d9615c src/lib-ssl-iostream/iostream-ssl.h --- a/src/lib-ssl-iostream/iostream-ssl.h Thu Nov 24 01:49:40 2011 +0200 +++ b/src/lib-ssl-iostream/iostream-ssl.h Thu Nov 24 01:49:58 2011 +0200 @@ -11,6 +11,7 @@ const char *key; const char *key_password; const char *cert_username_field; + const char *crypto_device; bool verbose, verbose_invalid_cert; bool verify_remote_cert; From dovecot at dovecot.org Thu Nov 24 01:53:12 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 24 Nov 2011 01:53:12 +0200 Subject: dovecot-2.1: imapc: Pass ssl_crypto_device setting to lib-ssl-io... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/e8c6ff480a18 changeset: 13775:e8c6ff480a18 user: Timo Sirainen date: Thu Nov 24 01:50:35 2011 +0200 description: imapc: Pass ssl_crypto_device setting to lib-ssl-iostream. diffstat: src/lib-imap-client/imapc-client.c | 1 + src/lib-imap-client/imapc-client.h | 1 + src/lib-storage/index/imapc/imapc-settings.c | 4 +++- src/lib-storage/index/imapc/imapc-settings.h | 1 + src/lib-storage/index/imapc/imapc-storage.c | 1 + 5 files changed, 7 insertions(+), 1 deletions(-) diffs (65 lines): diff -r e56409d9615c -r e8c6ff480a18 src/lib-imap-client/imapc-client.c --- a/src/lib-imap-client/imapc-client.c Thu Nov 24 01:49:58 2011 +0200 +++ b/src/lib-imap-client/imapc-client.c Thu Nov 24 01:50:35 2011 +0200 @@ -64,6 +64,7 @@ memset(&ssl_set, 0, sizeof(ssl_set)); ssl_set.ca_dir = set->ssl_ca_dir; ssl_set.verify_remote_cert = set->ssl_verify; + ssl_set.crypto_device = set->ssl_crypto_device; source = t_strdup_printf("%s:%u", set->host, set->port); if (ssl_iostream_context_init_client(source, &ssl_set, diff -r e56409d9615c -r e8c6ff480a18 src/lib-imap-client/imapc-client.h --- a/src/lib-imap-client/imapc-client.h Thu Nov 24 01:49:58 2011 +0200 +++ b/src/lib-imap-client/imapc-client.h Thu Nov 24 01:50:35 2011 +0200 @@ -59,6 +59,7 @@ bool ssl_verify; const char *rawlog_dir; + const char *ssl_crypto_device; bool debug; }; diff -r e56409d9615c -r e8c6ff480a18 src/lib-storage/index/imapc/imapc-settings.c --- a/src/lib-storage/index/imapc/imapc-settings.c Thu Nov 24 01:49:58 2011 +0200 +++ b/src/lib-storage/index/imapc/imapc-settings.c Thu Nov 24 01:50:35 2011 +0200 @@ -25,6 +25,7 @@ DEF(SET_BOOL, imapc_ssl_verify), DEF(SET_STR, imapc_rawlog_dir), + DEF(SET_STR, ssl_crypto_device), SETTING_DEFINE_LIST_END }; @@ -40,7 +41,8 @@ .imapc_ssl_ca_dir = "", .imapc_ssl_verify = TRUE, - .imapc_rawlog_dir = "" + .imapc_rawlog_dir = "", + .ssl_crypto_device = "" }; static const struct setting_parser_info imapc_setting_parser_info = { diff -r e56409d9615c -r e8c6ff480a18 src/lib-storage/index/imapc/imapc-settings.h --- a/src/lib-storage/index/imapc/imapc-settings.h Thu Nov 24 01:49:58 2011 +0200 +++ b/src/lib-storage/index/imapc/imapc-settings.h Thu Nov 24 01:50:35 2011 +0200 @@ -13,6 +13,7 @@ bool imapc_ssl_verify; const char *imapc_rawlog_dir; + const char *ssl_crypto_device; }; const struct setting_parser_info *imapc_get_setting_parser_info(void); diff -r e56409d9615c -r e8c6ff480a18 src/lib-storage/index/imapc/imapc-storage.c --- a/src/lib-storage/index/imapc/imapc-storage.c Thu Nov 24 01:49:58 2011 +0200 +++ b/src/lib-storage/index/imapc/imapc-storage.c Thu Nov 24 01:50:35 2011 +0200 @@ -246,6 +246,7 @@ set.ssl_mode = IMAPC_CLIENT_SSL_MODE_STARTTLS; else set.ssl_mode = IMAPC_CLIENT_SSL_MODE_NONE; + set.ssl_crypto_device = storage->set->ssl_crypto_device; storage->list = (struct imapc_mailbox_list *)ns->list; storage->list->storage = storage; From dovecot at dovecot.org Thu Nov 24 01:53:12 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 24 Nov 2011 01:53:12 +0200 Subject: dovecot-2.1: example-config: Added ssl_crypto_device. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/a4e44005ee58 changeset: 13776:a4e44005ee58 user: Timo Sirainen date: Thu Nov 24 01:53:04 2011 +0200 description: example-config: Added ssl_crypto_device. diffstat: doc/example-config/conf.d/10-ssl.conf | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diffs (10 lines): diff -r e8c6ff480a18 -r a4e44005ee58 doc/example-config/conf.d/10-ssl.conf --- a/doc/example-config/conf.d/10-ssl.conf Thu Nov 24 01:50:35 2011 +0200 +++ b/doc/example-config/conf.d/10-ssl.conf Thu Nov 24 01:53:04 2011 +0200 @@ -42,3 +42,6 @@ # SSL ciphers to use #ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL + +# SSL crypto device to use, for valid values run "openssl engine" +#ssl_crypto_device = From dovecot at dovecot.org Thu Nov 24 02:06:58 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 24 Nov 2011 02:06:58 +0200 Subject: dovecot-2.1: TODO updated Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/79bae0318b46 changeset: 13777:79bae0318b46 user: Timo Sirainen date: Thu Nov 24 01:58:28 2011 +0200 description: TODO updated diffstat: TODO | 5 ++--- 1 files changed, 2 insertions(+), 3 deletions(-) diffs (20 lines): diff -r a4e44005ee58 -r 79bae0318b46 TODO --- a/TODO Thu Nov 24 01:53:04 2011 +0200 +++ b/TODO Thu Nov 24 01:58:28 2011 +0200 @@ -4,14 +4,13 @@ - imapc: replacing existing imapc stream in error recovery crashes with file index-mail.c: line 812 (index_mail_stream_destroy_callback): assertion failed: (mail->data.destroying_stream) - - SASL success data response: convert to extra roundtrip with imap/pop3, - implement somehow to managesieve - per-namespace imapc_* settings? - mdbox/sdbox index rebuild -> quota rebuild? - solr separate attachments (patch) - sql connection pooling: Count lookup latencies, avoid servers with - significantly higher latencies. + significantly higher latencies. optionally use the secondary server only + as fallback - maildir_storage_sync_force() shouldn't do anything except find the new file, don't go expunging any more stuff or we could get recursively back to where we started, and stuff would break From dovecot at dovecot.org Thu Nov 24 02:06:58 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 24 Nov 2011 02:06:58 +0200 Subject: dovecot-2.1: lib-lda: Use ostream corking better in LMTP/SMTP cl... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/31bce737a64b changeset: 13778:31bce737a64b user: Timo Sirainen date: Thu Nov 24 02:06:45 2011 +0200 description: lib-lda: Use ostream corking better in LMTP/SMTP client. diffstat: src/lib-lda/lmtp-client.c | 14 ++++++++------ 1 files changed, 8 insertions(+), 6 deletions(-) diffs (64 lines): diff -r 79bae0318b46 -r 31bce737a64b src/lib-lda/lmtp-client.c --- a/src/lib-lda/lmtp-client.c Thu Nov 24 01:58:28 2011 +0200 +++ b/src/lib-lda/lmtp-client.c Thu Nov 24 02:06:45 2011 +0200 @@ -330,7 +330,6 @@ static void lmtp_client_send_handshake(struct lmtp_client *client) { - o_stream_cork(client->output); switch (client->protocol) { case LMTP_CLIENT_PROTOCOL_LMTP: o_stream_send_str(client->output, @@ -343,9 +342,6 @@ client->set.my_hostname)); break; } - o_stream_send_str(client->output, - t_strdup_printf("MAIL FROM:%s\r\n", client->set.mail_from)); - o_stream_uncork(client->output); } static int lmtp_input_get_reply_code(const char *line, int *reply_code_r) @@ -395,6 +391,11 @@ lmtp_client_fail(client, line); return -1; } + if (client->input_state == LMTP_INPUT_STATE_LHLO) { + o_stream_send_str(client->output, + t_strdup_printf("MAIL FROM:%s\r\n", + client->set.mail_from)); + } client->input_state++; lmtp_client_send_rcpts(client); break; @@ -412,11 +413,9 @@ return -1; } client->input_state++; - o_stream_cork(client->output); if (client->data_header != NULL) o_stream_send_str(client->output, client->data_header); lmtp_client_send_data(client); - o_stream_uncork(client->output); break; case LMTP_INPUT_STATE_DATA: /* DATA replies */ @@ -432,8 +431,10 @@ const char *line; lmtp_client_ref(client); + o_stream_cork(client->output); while ((line = i_stream_read_next_line(client->input)) != NULL) { if (lmtp_client_input_line(client, line) < 0) { + o_stream_uncork(client->output); lmtp_client_unref(&client); return; } @@ -448,6 +449,7 @@ lmtp_client_fail(client, ERRSTR_TEMP_REMOTE_FAILURE " (disconnected in input)"); } + o_stream_uncork(client->output); lmtp_client_unref(&client); } From dovecot at dovecot.org Thu Nov 24 02:13:26 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 24 Nov 2011 02:13:26 +0200 Subject: dovecot-2.1: Makefile: Added missing hmac-sha1.h Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/f33c1462bf80 changeset: 13779:f33c1462bf80 user: Timo Sirainen date: Thu Nov 24 02:13:13 2011 +0200 description: Makefile: Added missing hmac-sha1.h diffstat: src/lib/Makefile.am | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (11 lines): diff -r 31bce737a64b -r f33c1462bf80 src/lib/Makefile.am --- a/src/lib/Makefile.am Thu Nov 24 02:06:45 2011 +0200 +++ b/src/lib/Makefile.am Thu Nov 24 02:13:13 2011 +0200 @@ -161,6 +161,7 @@ hex-binary.h \ hex-dec.h \ hmac-md5.h \ + hmac-sha1.h \ home-expand.h \ hostpid.h \ imem.h \ From dovecot at dovecot.org Thu Nov 24 02:21:19 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 24 Nov 2011 02:21:19 +0200 Subject: dovecot-2.1: man: mailbox[-guid] doesn't need to be first parame... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/7894c74cb740 changeset: 13780:7894c74cb740 user: Timo Sirainen date: Thu Nov 24 02:21:08 2011 +0200 description: man: mailbox[-guid] doesn't need to be first parameter in search query. diffstat: doc/man/doveadm-search-query.7 | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diffs (19 lines): diff -r f33c1462bf80 -r 7894c74cb740 doc/man/doveadm-search-query.7 --- a/doc/man/doveadm-search-query.7 Thu Nov 24 02:13:13 2011 +0200 +++ b/doc/man/doveadm-search-query.7 Thu Nov 24 02:21:08 2011 +0200 @@ -1,5 +1,5 @@ .\" Copyright (c) 2010 Dovecot authors, see the included COPYING file -.TH DOVEADM\-SEARCH\-QUERY 7 "2011-11-16" "Dovecot v2.1" "Dovecot" +.TH DOVEADM\-SEARCH\-QUERY 7 "2011-11-24" "Dovecot v2.1" "Dovecot" .SH NAME doveadm\-search\-query \- Overview of search queries for doveadm mailbox \ commands @@ -68,7 +68,7 @@ .B mailbox and the name of the mailbox or the keyword .B mailbox\-guid -and the mailbox\(aqs globally unique identifier at the beginning of the +and the mailbox\(aqs globally unique identifier in the .IR search_query . To find all messages in the mailbox with the GUID \(dq44f68b13ce97044b837f000035ca9452\(dq use: From dovecot at dovecot.org Thu Nov 24 02:48:11 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 24 Nov 2011 02:48:11 +0200 Subject: dovecot-2.1: Released v2.1.rc1. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/18f32bf70fac changeset: 13781:18f32bf70fac user: Timo Sirainen date: Thu Nov 24 02:36:29 2011 +0200 description: Released v2.1.rc1. diffstat: NEWS | 2 +- configure.in | 5 +---- 2 files changed, 2 insertions(+), 5 deletions(-) diffs (26 lines): diff -r 7894c74cb740 -r 18f32bf70fac NEWS --- a/NEWS Thu Nov 24 02:21:08 2011 +0200 +++ b/NEWS Thu Nov 24 02:36:29 2011 +0200 @@ -1,4 +1,4 @@ -v2.1.beta1 2011-11-08 Timo Sirainen +v2.1.rc1 2011-11-24 Timo Sirainen * Plugins now use UTF-8 mailbox names rather than mUTF-7: acl, autocreate, expire, trash, virtual diff -r 7894c74cb740 -r 18f32bf70fac configure.in --- a/configure.in Thu Nov 24 02:21:08 2011 +0200 +++ b/configure.in Thu Nov 24 02:36:29 2011 +0200 @@ -1,5 +1,5 @@ AC_PREREQ([2.59]) -AC_INIT([Dovecot],[2.1.beta1],[dovecot at dovecot.org]) +AC_INIT([Dovecot],[2.1.rc1],[dovecot at dovecot.org]) AC_CONFIG_SRCDIR([src]) AM_INIT_AUTOMAKE([foreign]) @@ -2820,6 +2820,3 @@ if test "$not_fts" != ""; then echo " :$not_fts" fi - -echo -echo "NOTE: This is the UNSTABLE development branch of Dovecot v2.1." From dovecot at dovecot.org Thu Nov 24 02:48:12 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 24 Nov 2011 02:48:12 +0200 Subject: dovecot-2.1: Added tag 2.1.rc1 for changeset 18f32bf70fac Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/7256163465c5 changeset: 13782:7256163465c5 user: Timo Sirainen date: Thu Nov 24 02:36:29 2011 +0200 description: Added tag 2.1.rc1 for changeset 18f32bf70fac diffstat: .hgtags | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r 18f32bf70fac -r 7256163465c5 .hgtags --- a/.hgtags Thu Nov 24 02:36:29 2011 +0200 +++ b/.hgtags Thu Nov 24 02:36:29 2011 +0200 @@ -69,3 +69,4 @@ 11ef524500964054ae8e4e6150f890b1864139eb 2.0.15 f9e744ffe02135f6dc75e62db366bd39a8e19f99 2.1.alpha2 437ae2c24872b59056d08c7e67a0db5354710065 2.1.beta1 +18f32bf70fac3c022065d4bfcd1f3e1a74b06b10 2.1.rc1 From dovecot at dovecot.org Thu Nov 24 02:48:12 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 24 Nov 2011 02:48:12 +0200 Subject: dovecot-2.1: Added signature for changeset 18f32bf70fac Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/34436a5a01e7 changeset: 13783:34436a5a01e7 user: Timo Sirainen date: Thu Nov 24 02:36:32 2011 +0200 description: Added signature for changeset 18f32bf70fac diffstat: .hgsigs | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diffs (8 lines): diff -r 7256163465c5 -r 34436a5a01e7 .hgsigs --- a/.hgsigs Thu Nov 24 02:36:29 2011 +0200 +++ b/.hgsigs Thu Nov 24 02:36:32 2011 +0200 @@ -32,3 +32,4 @@ 11ef524500964054ae8e4e6150f890b1864139eb 0 iEYEABECAAYFAk5zUvIACgkQyUhSUUBVisnDTgCdHVHSwKeZjHV4KrlTmqipFoO26mkAoIMqPTna3Y1ETIGnPq6XRCB90C8p f9e744ffe02135f6dc75e62db366bd39a8e19f99 0 iEYEABECAAYFAk5zVngACgkQyUhSUUBVisntgQCfaceKIsHTtbu6LpUd2Tjj8lIHXZYAn3mCNW+Fc43t6M1tIE/ZUEwiWzCv 437ae2c24872b59056d08c7e67a0db5354710065 0 iEYEABECAAYFAk65qLwACgkQyUhSUUBVismRQACfad1LMF1iLd3vsFmxsONlDFEgxVwAnRmJRtv17mIUxvuzixLgc6bEtJvX +18f32bf70fac3c022065d4bfcd1f3e1a74b06b10 0 iEUEABECAAYFAk7NkY0ACgkQyUhSUUBVisl8xgCfSg6EA1Bz+7vShYM1YzRQCXNJx7UAlRBpHQmMenUfxRi/98DUsQs0uN0= From dovecot at dovecot.org Thu Nov 24 03:06:19 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 24 Nov 2011 03:06:19 +0200 Subject: dovecot-2.1: NEWS, README: Added SCRAM-SHA-1 support. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/f6069185b418 changeset: 13784:f6069185b418 user: Timo Sirainen date: Thu Nov 24 03:05:54 2011 +0200 description: NEWS, README: Added SCRAM-SHA-1 support. diffstat: NEWS | 1 + README | 2 ++ 2 files changed, 3 insertions(+), 0 deletions(-) diffs (23 lines): diff -r 34436a5a01e7 -r f6069185b418 NEWS --- a/NEWS Thu Nov 24 02:36:32 2011 +0200 +++ b/NEWS Thu Nov 24 03:05:54 2011 +0200 @@ -25,6 +25,7 @@ autocreated mailboxes even if they don't physically exist. + Password and user databases now support default_fields and override_fields settings to specify template defaults/overrides. + + SCRAM-SHA-1 authentication mechanism by Florian Zeitz - listescape plugin works perfectly now v2.0.15 2011-09-16 Timo Sirainen diff -r 34436a5a01e7 -r f6069185b418 README --- a/README Thu Nov 24 02:36:32 2011 +0200 +++ b/README Thu Nov 24 03:05:54 2011 +0200 @@ -26,6 +26,8 @@ 2595 - Using TLS with IMAP, POP3 and ACAP 2831 - Using Digest Authentication as a SASL Mechanism (DIGEST-MD5) 2245 - Anonymous SASL Mechanism. + 5802 - Salted Challenge Response Authentication Mechanism (SCRAM) + SASL and GSS-API Mechanisms 2087 - IMAP4 QUOTA extension 2088 - IMAP4 non-synchronizing literals (LITERAL+) From dovecot at dovecot.org Thu Nov 24 21:27:30 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Thu, 24 Nov 2011 21:27:30 +0200 Subject: dovecot-2.1: auth: Dropped default client_limit back to default_... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/8c8dd04b8496 changeset: 13785:8c8dd04b8496 user: Timo Sirainen date: Thu Nov 24 21:27:19 2011 +0200 description: auth: Dropped default client_limit back to default_client_limit. Having it above 1024 logs an annoying warning at startup. Also in most cases the auth process wouldn't have nearly that many clients. If about 1000 imap/pop3 processes were logging in at the exact same time, the limit would be reached, but that's a bit unlikely. diffstat: src/auth/auth-settings.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diffs (12 lines): diff -r f6069185b418 -r 8c8dd04b8496 src/auth/auth-settings.c --- a/src/auth/auth-settings.c Thu Nov 24 03:05:54 2011 +0200 +++ b/src/auth/auth-settings.c Thu Nov 24 21:27:19 2011 +0200 @@ -49,7 +49,7 @@ .process_min_avail = 0, .process_limit = 1, - .client_limit = 4096, + .client_limit = 0, .service_count = 0, .idle_kill = 0, .vsz_limit = (uoff_t)-1, From dovecot at dovecot.org Fri Nov 25 04:25:21 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Fri, 25 Nov 2011 04:25:21 +0200 Subject: dovecot-2.1: fts-lucene: Fixed search when all terms were MUST_NOT. Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/1753a762b56f changeset: 13786:1753a762b56f user: Timo Sirainen date: Fri Nov 25 04:25:09 2011 +0200 description: fts-lucene: Fixed search when all terms were MUST_NOT. diffstat: src/plugins/fts-lucene/lucene-wrapper.cc | 92 ++++++++++++++++++++++++-------- 1 files changed, 69 insertions(+), 23 deletions(-) diffs (205 lines): diff -r 8c8dd04b8496 -r 1753a762b56f src/plugins/fts-lucene/lucene-wrapper.cc --- a/src/plugins/fts-lucene/lucene-wrapper.cc Thu Nov 24 21:27:19 2011 +0200 +++ b/src/plugins/fts-lucene/lucene-wrapper.cc Fri Nov 25 04:25:09 2011 +0200 @@ -39,6 +39,12 @@ using namespace lucene::analysis; using namespace lucene::util; +struct lucene_query { + Query *query; + BooleanClause::Occur occur; +}; +ARRAY_DEFINE_TYPE(lucene_query, struct lucene_query); + struct lucene_analyzer { char *lang; Analyzer *analyzer; @@ -1049,7 +1055,8 @@ } static bool -lucene_add_definite_query(struct lucene_index *index, BooleanQuery &query, +lucene_add_definite_query(struct lucene_index *index, + ARRAY_TYPE(lucene_query) &queries, struct mail_search_arg *arg, bool and_args) { Query *q; @@ -1099,22 +1106,26 @@ a stop word) */ return false; } + + struct lucene_query *lq = array_append_space(&queries); + lq->query = q; if (!and_args) - query.add(q, true, BooleanClause::SHOULD); + lq->occur = BooleanClause::SHOULD; else if (!arg->match_not) - query.add(q, true, BooleanClause::MUST); + lq->occur = BooleanClause::MUST; else - query.add(q, true, BooleanClause::MUST_NOT); + lq->occur = BooleanClause::MUST_NOT; return true; } static bool -lucene_add_maybe_query(struct lucene_index *index, BooleanQuery &query, +lucene_add_maybe_query(struct lucene_index *index, + ARRAY_TYPE(lucene_query) &queries, struct mail_search_arg *arg, bool and_args) { Query *q = NULL; - if (arg->match_not && !and_args) { + if (arg->match_not) { /* FIXME: we could handle this by doing multiple queries.. */ return false; } @@ -1146,25 +1157,56 @@ a stop word) */ return false; } + struct lucene_query *lq = array_append_space(&queries); + lq->query = q; if (!and_args) - query.add(q, true, BooleanClause::SHOULD); + lq->occur = BooleanClause::SHOULD; else if (!arg->match_not) - query.add(q, true, BooleanClause::MUST); + lq->occur = BooleanClause::MUST; else - query.add(q, true, BooleanClause::MUST_NOT); + lq->occur = BooleanClause::MUST_NOT; return true; + return true; +} + +static bool queries_have_non_must_nots(ARRAY_TYPE(lucene_query) &queries) +{ + const struct lucene_query *lq; + + array_foreach(&queries, lq) { + if (lq->occur != BooleanClause::MUST_NOT) + return TRUE; + } + return FALSE; +} + +static void search_query_add(BooleanQuery &query, + ARRAY_TYPE(lucene_query) &queries) +{ + BooleanQuery *search_query = _CLNEW BooleanQuery(); + const struct lucene_query *lq; + + if (queries_have_non_must_nots(queries)) { + array_foreach(&queries, lq) + search_query->add(lq->query, true, lq->occur); + query.add(search_query, true, BooleanClause::MUST); + } else { + array_foreach(&queries, lq) + search_query->add(lq->query, true, BooleanClause::SHOULD); + query.add(search_query, true, BooleanClause::MUST_NOT); + } } static int lucene_index_search(struct lucene_index *index, - Query &search_query, struct fts_result *result, - ARRAY_TYPE(seq_range) *uids_r) + ARRAY_TYPE(lucene_query) &queries, + struct fts_result *result, ARRAY_TYPE(seq_range) *uids_r) { struct fts_score_map *score; int ret = 0; BooleanQuery query; - query.add(&search_query, BooleanClause::MUST); + search_query_add(query, queries); Term mailbox_term(_T("box"), index->mailbox_guid); TermQuery mailbox_query(&mailbox_term); @@ -1214,34 +1256,36 @@ if (lucene_index_open_search(index) <= 0) return -1; - BooleanQuery def_query; + ARRAY_TYPE(lucene_query) def_queries; + t_array_init(&def_queries, 16); bool have_definites = false; for (arg = args; arg != NULL; arg = arg->next) { - if (lucene_add_definite_query(index, def_query, arg, and_args)) { + if (lucene_add_definite_query(index, def_queries, arg, and_args)) { arg->match_always = true; have_definites = true; } } if (have_definites) { - if (lucene_index_search(index, def_query, result, + if (lucene_index_search(index, def_queries, result, &result->definite_uids) < 0) return -1; } - BooleanQuery maybe_query; + ARRAY_TYPE(lucene_query) maybe_queries; + t_array_init(&maybe_queries, 16); bool have_maybies = false; for (arg = args; arg != NULL; arg = arg->next) { - if (lucene_add_maybe_query(index, maybe_query, arg, and_args)) { + if (lucene_add_maybe_query(index, maybe_queries, arg, and_args)) { arg->match_always = true; have_maybies = true; } } if (have_maybies) { - if (lucene_index_search(index, maybe_query, NULL, + if (lucene_index_search(index, maybe_queries, NULL, &result->maybe_uids) < 0) return -1; } @@ -1250,13 +1294,14 @@ static int lucene_index_search_multi(struct lucene_index *index, struct hash_table *guids, - Query &search_query, struct fts_multi_result *result) + ARRAY_TYPE(lucene_query) &queries, + struct fts_multi_result *result) { struct fts_score_map *score; int ret = 0; BooleanQuery query; - query.add(&search_query, BooleanClause::MUST); + search_query_add(query, queries); BooleanQuery mailbox_query; struct hash_iterate_context *iter; @@ -1324,11 +1369,12 @@ if (lucene_index_open_search(index) <= 0) return -1; - BooleanQuery def_query; + ARRAY_TYPE(lucene_query) def_queries; + t_array_init(&def_queries, 16); bool have_definites = false; for (arg = args; arg != NULL; arg = arg->next) { - if (lucene_add_definite_query(index, def_query, arg, and_args)) { + if (lucene_add_definite_query(index, def_queries, arg, and_args)) { arg->match_always = true; have_definites = true; } @@ -1336,7 +1382,7 @@ if (have_definites) { if (lucene_index_search_multi(index, guids, - def_query, result) < 0) + def_queries, result) < 0) return -1; } return 0; From pigeonhole at rename-it.nl Sat Nov 26 12:11:50 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Sat, 26 Nov 2011 11:11:50 +0100 Subject: dovecot-2.1-pigeonhole: lib-sieve: updated rfc2822 header field ... Message-ID: details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/cdf52ef61f65 changeset: 1551:cdf52ef61f65 user: Stephan Bosch date: Sat Nov 26 11:09:58 2011 +0100 description: lib-sieve: updated rfc2822 header field body verification to exclude non-printing characters (RFC5322). diffstat: src/lib-sieve/plugins/enotify/mailto/uri-mailto.c | 3 +- src/lib-sieve/rfc2822.c | 42 ++++++++++++--------- src/lib-sieve/rfc2822.h | 2 +- 3 files changed, 27 insertions(+), 20 deletions(-) diffs (94 lines): diff -r 6757a772b086 -r cdf52ef61f65 src/lib-sieve/plugins/enotify/mailto/uri-mailto.c --- a/src/lib-sieve/plugins/enotify/mailto/uri-mailto.c Thu Nov 24 00:50:11 2011 +0100 +++ b/src/lib-sieve/plugins/enotify/mailto/uri-mailto.c Sat Nov 26 11:09:58 2011 +0100 @@ -442,7 +442,8 @@ if ( hname_type == _HNAME_BODY ) { // FIXME: verify body ... } else { - if ( !rfc2822_header_field_body_verify(str_c(field), str_len(field)) ) { + if ( !rfc2822_header_field_body_verify + (str_c(field), str_len(field), FALSE, FALSE) ) { uri_mailto_error(parser, "invalid header field body"); return FALSE; } diff -r 6757a772b086 -r cdf52ef61f65 src/lib-sieve/rfc2822.c --- a/src/lib-sieve/rfc2822.c Thu Nov 24 00:50:11 2011 +0100 +++ b/src/lib-sieve/rfc2822.c Sat Nov 26 11:09:58 2011 +0100 @@ -7,6 +7,7 @@ #include "lib.h" #include "str.h" +#include "unichar.h" #include "rfc2822.h" @@ -38,34 +39,39 @@ } bool rfc2822_header_field_body_verify -(const char *field_body, unsigned int len) +(const char *field_body, unsigned int len, bool allow_crlf, bool allow_utf8) { const char *p = field_body; const char *pend = p + len; + bool is8bit = FALSE; - /* unstructured = *([FWS] utext) [FWS] - * FWS = ([*WSP CRLF] 1*WSP) / ; Folding white space - * obs-FWS - * utext = NO-WS-CTL / ; Non white space controls - * %d33-126 / ; The rest of US-ASCII - * obs-utext - * NO-WS-CTL = %d1-8 / ; US-ASCII control characters - * %d11 / ; that do not include the - * %d12 / ; carriage return, line feed, - * %d14-31 / ; and white space characters - * %d127 - * WSP = SP / HTAB - */ - - /* This verification does not allow content to be folded. This should done - * automatically upon message composition. + /* RFC5322: + * + * unstructured = (*([FWS] VCHAR) *WSP) + * VCHAR = %x21-7E + * FWS = ([*WSP CRLF] 1*WSP) / ; Folding white space + * WSP = SP / HTAB ; White space */ while ( p < pend ) { - if ( *p == '\0' || *p == '\r' || *p == '\n' || ((unsigned char)*p) > 127 ) + if ( *p != '\t' && *p < 0x20 ) return FALSE; + if ( (*p == '\r' || *p == '\n') && !allow_crlf ) + return FALSE; + + if ( !is8bit && ((unsigned char)*p) > 127 ) { + if ( !allow_utf8 ) + return FALSE; + + is8bit = TRUE; + } + p++; + } + + if ( is8bit && !uni_utf8_str_is_valid(field_body) ) { + return FALSE; } return TRUE; diff -r 6757a772b086 -r cdf52ef61f65 src/lib-sieve/rfc2822.h --- a/src/lib-sieve/rfc2822.h Thu Nov 24 00:50:11 2011 +0100 +++ b/src/lib-sieve/rfc2822.h Sat Nov 26 11:09:58 2011 +0100 @@ -15,7 +15,7 @@ bool rfc2822_header_field_name_verify (const char *field_name, unsigned int len); bool rfc2822_header_field_body_verify -(const char *field_body, unsigned int len); + (const char *field_body, unsigned int len, bool allow_crlf, bool allow_utf8); /* * From pigeonhole at rename-it.nl Sat Nov 26 12:11:50 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Sat, 26 Nov 2011 11:11:50 +0100 Subject: dovecot-2.1-pigeonhole: lib-sieve: editheader extension: added r... Message-ID: details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/a691c5c035f2 changeset: 1552:a691c5c035f2 user: Stephan Bosch date: Sat Nov 26 11:11:02 2011 +0100 description: lib-sieve: editheader extension: added runtime header field name verification. diffstat: src/lib-sieve/plugins/editheader/cmd-addheader.c | 11 +++++++++++ src/lib-sieve/plugins/editheader/cmd-deleteheader.c | 11 +++++++++++ 2 files changed, 22 insertions(+), 0 deletions(-) diffs (42 lines): diff -r cdf52ef61f65 -r a691c5c035f2 src/lib-sieve/plugins/editheader/cmd-addheader.c --- a/src/lib-sieve/plugins/editheader/cmd-addheader.c Sat Nov 26 11:09:58 2011 +0100 +++ b/src/lib-sieve/plugins/editheader/cmd-addheader.c Sat Nov 26 11:11:02 2011 +0100 @@ -239,6 +239,17 @@ return ret; /* + * Verify arguments + */ + + if ( !rfc2822_header_field_name_verify + (str_c(field_name), str_len(field_name)) ) { + sieve_runtime_error(renv, NULL, "specified field name `%s' is invalid", + str_sanitize(str_c(field_name), 80)); + return SIEVE_EXEC_FAILURE; + } + + /* * Perform operation */ diff -r cdf52ef61f65 -r a691c5c035f2 src/lib-sieve/plugins/editheader/cmd-deleteheader.c --- a/src/lib-sieve/plugins/editheader/cmd-deleteheader.c Sat Nov 26 11:09:58 2011 +0100 +++ b/src/lib-sieve/plugins/editheader/cmd-deleteheader.c Sat Nov 26 11:11:02 2011 +0100 @@ -426,6 +426,17 @@ return ret; /* + * Verify arguments + */ + + if ( !rfc2822_header_field_name_verify + (str_c(field_name), str_len(field_name)) ) { + sieve_runtime_error(renv, NULL, "specified field name `%s' is invalid", + str_sanitize(str_c(field_name), 80)); + return SIEVE_EXEC_FAILURE; + } + + /* * Execute command */ From pigeonhole at rename-it.nl Sat Nov 26 12:11:50 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Sat, 26 Nov 2011 11:11:50 +0100 Subject: dovecot-2.1-pigeonhole: testsuite: editheader extension: added e... Message-ID: details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/258108f6eea5 changeset: 1553:258108f6eea5 user: Stephan Bosch date: Sat Nov 26 11:11:43 2011 +0100 description: testsuite: editheader extension: added error tests for header field name verification. diffstat: Makefile.am | 1 + tests/extensions/editheader/errors.svtest | 49 ++++++++++++++++ tests/extensions/editheader/errors/field-name-runtime.sieve | 6 ++ tests/extensions/editheader/errors/field-name.sieve | 19 ++++++ 4 files changed, 75 insertions(+), 0 deletions(-) diffs (97 lines): diff -r a691c5c035f2 -r 258108f6eea5 Makefile.am --- a/Makefile.am Sat Nov 26 11:11:02 2011 +0100 +++ b/Makefile.am Sat Nov 26 11:11:43 2011 +0100 @@ -130,6 +130,7 @@ tests/extensions/editheader/deleteheader.svtest \ tests/extensions/editheader/alternating.svtest \ tests/extensions/editheader/utf8.svtest \ + tests/extensions/editheader/errors.svtest \ tests/extensions/vnd.dovecot/debug/execute.svtest \ tests/deprecated/notify/basic.svtest \ tests/deprecated/notify/mailto.svtest \ diff -r a691c5c035f2 -r 258108f6eea5 tests/extensions/editheader/errors.svtest --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/extensions/editheader/errors.svtest Sat Nov 26 11:11:43 2011 +0100 @@ -0,0 +1,49 @@ +require "vnd.dovecot.testsuite"; +require "comparator-i;ascii-numeric"; +require "relational"; + +require "editheader"; + +test "Invalid field-name" { + if test_script_compile "errors/field-name.sieve" { + test_fail "compile should have failed"; + } + + if not test_error :count "eq" :comparator "i;ascii-numeric" "5" { + test_fail "wrong number of errors reported"; + } + + if not test_error :index 1 :matches "*field name*X-field:*invalid" { + test_fail "wrong error reported"; + } + + if not test_error :index 2 :matches "*field name*X field*invalid" { + test_fail "wrong error reported"; + } + + if not test_error :index 3 :matches "*field name*X-field:*invalid" { + test_fail "wrong error reported"; + } + + if not test_error :index 4 :matches "*field name*X field*invalid" { + test_fail "wrong error reported"; + } +} + +test "Invalid field-name at runtime " { + if not test_script_compile "errors/field-name-runtime.sieve" { + test_fail "compile failed"; + } + + if test_script_run { + test_fail "run should have failed"; + } + + if not test_error :count "eq" :comparator "i;ascii-numeric" "1" { + test_fail "wrong number of errors reported"; + } + + if not test_error :matches "*field name*X-field:*invalid" { + test_fail "wrong error reported"; + } +} diff -r a691c5c035f2 -r 258108f6eea5 tests/extensions/editheader/errors/field-name-runtime.sieve --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/extensions/editheader/errors/field-name-runtime.sieve Sat Nov 26 11:11:43 2011 +0100 @@ -0,0 +1,6 @@ +require "editheader"; +require "variables"; + +set "header" "X-field:"; + +addheader "${header}" "Frop"; diff -r a691c5c035f2 -r 258108f6eea5 tests/extensions/editheader/errors/field-name.sieve --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/extensions/editheader/errors/field-name.sieve Sat Nov 26 11:11:43 2011 +0100 @@ -0,0 +1,19 @@ +require "editheader"; + +# Ok +addheader "X-field" "Frop"; + +# Invalid ':' +addheader "X-field:" "Frop"; + +# Invalid ' ' +addheader "X field" "Frop"; + +# Ok +deleteheader "X-field"; + +# Invalid ':' +deleteheader "X-field:"; + +# Invalid ' ' +deleteheader "X field"; From pigeonhole at rename-it.nl Sat Nov 26 12:29:14 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Sat, 26 Nov 2011 11:29:14 +0100 Subject: dovecot-2.1-pigeonhole: lib-sieve: fixed bug caused by last chan... Message-ID: details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/1143c225b528 changeset: 1554:1143c225b528 user: Stephan Bosch date: Sat Nov 26 11:29:07 2011 +0100 description: lib-sieve: fixed bug caused by last change to rfc2822 header verification. diffstat: src/lib-sieve/rfc2822.c | 6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) diffs (23 lines): diff -r 258108f6eea5 -r 1143c225b528 src/lib-sieve/rfc2822.c --- a/src/lib-sieve/rfc2822.c Sat Nov 26 11:11:43 2011 +0100 +++ b/src/lib-sieve/rfc2822.c Sat Nov 26 11:29:07 2011 +0100 @@ -41,8 +41,8 @@ bool rfc2822_header_field_body_verify (const char *field_body, unsigned int len, bool allow_crlf, bool allow_utf8) { - const char *p = field_body; - const char *pend = p + len; + const unsigned char *p = (const unsigned char *)field_body; + const unsigned char *pend = p + len; bool is8bit = FALSE; /* RFC5322: @@ -60,7 +60,7 @@ if ( (*p == '\r' || *p == '\n') && !allow_crlf ) return FALSE; - if ( !is8bit && ((unsigned char)*p) > 127 ) { + if ( !is8bit && *p > 127 ) { if ( !allow_utf8 ) return FALSE; From pigeonhole at rename-it.nl Sat Nov 26 12:49:11 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Sat, 26 Nov 2011 11:49:11 +0100 Subject: dovecot-2.1-pigeonhole: testsuite: editheader extension: added e... Message-ID: details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/df95edf614c4 changeset: 1555:df95edf614c4 user: Stephan Bosch date: Sat Nov 26 11:49:07 2011 +0100 description: testsuite: editheader extension: added error tests for header value verification. diffstat: src/lib-sieve/plugins/editheader/cmd-addheader.c | 25 +++++++++++- src/lib-sieve/plugins/editheader/cmd-deleteheader.c | 13 +++--- src/lib-sieve/rfc2822.c | 13 ++++-- tests/extensions/editheader/errors.svtest | 37 ++++++++++++++---- tests/extensions/editheader/errors/field-value.sieve | 15 +++++++ 5 files changed, 80 insertions(+), 23 deletions(-) diffs (199 lines): diff -r 1143c225b528 -r df95edf614c4 src/lib-sieve/plugins/editheader/cmd-addheader.c --- a/src/lib-sieve/plugins/editheader/cmd-addheader.c Sat Nov 26 11:29:07 2011 +0100 +++ b/src/lib-sieve/plugins/editheader/cmd-addheader.c Sat Nov 26 11:49:07 2011 +0100 @@ -107,7 +107,7 @@ if ( !rfc2822_header_field_name_verify(str_c(fname), str_len(fname)) ) { sieve_argument_validate_error - (valdtr, arg, "specified field name `%s' is invalid", + (valdtr, arg, "addheader command: specified field name `%s' is invalid", str_sanitize(str_c(fname), 80)); return FALSE; } @@ -125,7 +125,17 @@ if ( !sieve_validator_argument_activate(valdtr, tst, arg, FALSE) ) return FALSE; - /* FIXME: validate value if constant */ + if ( sieve_argument_is_string_literal(arg) ) { + string_t *fvalue = sieve_ast_argument_str(arg); + + if ( !rfc2822_header_field_body_verify + (str_c(fvalue), str_len(fvalue), TRUE, TRUE) ) { + sieve_argument_validate_error + (valdtr, arg, "addheader command: specified value `%s' is invalid", + str_sanitize(str_c(fvalue), 80)); + return FALSE; + } + } return TRUE; } @@ -244,11 +254,20 @@ if ( !rfc2822_header_field_name_verify (str_c(field_name), str_len(field_name)) ) { - sieve_runtime_error(renv, NULL, "specified field name `%s' is invalid", + sieve_runtime_error(renv, NULL, "addheader action: " + "specified field name `%s' is invalid", str_sanitize(str_c(field_name), 80)); return SIEVE_EXEC_FAILURE; } + if ( !rfc2822_header_field_body_verify + (str_c(value), str_len(value), TRUE, TRUE) ) { + sieve_runtime_error(renv, NULL, "addheader action: " + "specified value `%s' is invalid", + str_sanitize(str_c(value), 80)); + return SIEVE_EXEC_FAILURE; + } + /* * Perform operation */ diff -r 1143c225b528 -r df95edf614c4 src/lib-sieve/plugins/editheader/cmd-deleteheader.c --- a/src/lib-sieve/plugins/editheader/cmd-deleteheader.c Sat Nov 26 11:29:07 2011 +0100 +++ b/src/lib-sieve/plugins/editheader/cmd-deleteheader.c Sat Nov 26 11:49:07 2011 +0100 @@ -236,7 +236,7 @@ if ( arg == NULL ) { sieve_command_validate_error(valdtr, cmd, - "the %s %s expects at least one positioal argument, but none was found", + "the %s %s expects at least one positional argument, but none was found", sieve_command_identifier(cmd), sieve_command_type_name(cmd)); return FALSE; } @@ -253,9 +253,9 @@ string_t *fname = sieve_ast_argument_str(arg); if ( !rfc2822_header_field_name_verify(str_c(fname), str_len(fname)) ) { - sieve_argument_validate_error - (valdtr, arg, "specified field name `%s' is invalid", - str_sanitize(str_c(fname), 80)); + sieve_argument_validate_error(valdtr, arg, "deleteheader command:" + "specified field name `%s' is invalid", + str_sanitize(str_c(fname), 80)); return FALSE; } } @@ -431,7 +431,8 @@ if ( !rfc2822_header_field_name_verify (str_c(field_name), str_len(field_name)) ) { - sieve_runtime_error(renv, NULL, "specified field name `%s' is invalid", + sieve_runtime_error(renv, NULL, "deleteheader action: ", + "specified field name `%s' is invalid", str_sanitize(str_c(field_name), 80)); return SIEVE_EXEC_FAILURE; } @@ -513,7 +514,7 @@ if ( ret == 0 ) { sieve_runtime_trace(renv, 0, "header `%s' not found", str_c(field_name)); } else if ( ret < 0 ) { - sieve_runtime_warning(renv, NULL, "editheader action: " + sieve_runtime_warning(renv, NULL, "deleteheader action: " "failed to delete occurences of header `%s' (this should not happen!)", str_c(field_name)); } diff -r 1143c225b528 -r df95edf614c4 src/lib-sieve/rfc2822.c --- a/src/lib-sieve/rfc2822.c Sat Nov 26 11:29:07 2011 +0100 +++ b/src/lib-sieve/rfc2822.c Sat Nov 26 11:49:07 2011 +0100 @@ -54,11 +54,14 @@ */ while ( p < pend ) { - if ( *p != '\t' && *p < 0x20 ) - return FALSE; - - if ( (*p == '\r' || *p == '\n') && !allow_crlf ) - return FALSE; + if ( *p < 0x20 ) { + if ( (*p == '\r' || *p == '\n') ) { + if ( !allow_crlf ) + return FALSE; + } else if ( *p != '\t' ) { + return FALSE; + } + } if ( !is8bit && *p > 127 ) { if ( !allow_utf8 ) diff -r 1143c225b528 -r df95edf614c4 tests/extensions/editheader/errors.svtest --- a/tests/extensions/editheader/errors.svtest Sat Nov 26 11:29:07 2011 +0100 +++ b/tests/extensions/editheader/errors.svtest Sat Nov 26 11:49:07 2011 +0100 @@ -13,20 +13,20 @@ test_fail "wrong number of errors reported"; } - if not test_error :index 1 :matches "*field name*X-field:*invalid" { - test_fail "wrong error reported"; + if not test_error :index 1 :matches "*field name*X-field:*invalid*" { + test_fail "wrong error reported (1)"; } - if not test_error :index 2 :matches "*field name*X field*invalid" { - test_fail "wrong error reported"; + if not test_error :index 2 :matches "*field name*X field*invalid*" { + test_fail "wrong error reported (2)"; } - if not test_error :index 3 :matches "*field name*X-field:*invalid" { - test_fail "wrong error reported"; + if not test_error :index 3 :matches "*field name*X-field:*invalid*" { + test_fail "wrong error reported (3)"; } - if not test_error :index 4 :matches "*field name*X field*invalid" { - test_fail "wrong error reported"; + if not test_error :index 4 :matches "*field name*X field*invalid*" { + test_fail "wrong error reported (4)"; } } @@ -43,7 +43,26 @@ test_fail "wrong number of errors reported"; } - if not test_error :matches "*field name*X-field:*invalid" { + if not test_error :matches "*field name*X-field:*invalid*" { test_fail "wrong error reported"; } } + +test "Invalid field value" { + if test_script_compile "errors/field-value.sieve" { + test_fail "compile should have failed"; + } + + if not test_error :count "eq" :comparator "i;ascii-numeric" "3" { + test_fail "wrong number of errors reported"; + } + + if not test_error :index 1 :matches "*value*Yeah!?*invalid*" { + test_fail "wrong error reported (1)"; + } + + if not test_error :index 2 :matches "*value*Woah!*invalid*" { + test_fail "wrong error reported (2)"; + } +} + diff -r 1143c225b528 -r df95edf614c4 tests/extensions/editheader/errors/field-value.sieve --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/extensions/editheader/errors/field-value.sieve Sat Nov 26 11:49:07 2011 +0100 @@ -0,0 +1,15 @@ +require "editheader"; +require "encoded-character"; + +# Ok +addheader "X-field" "Frop"; + +# Ok +addheader "X-field" "Frop +Frml"; + +# Invalid 'BELL' +addheader "X-field" "Yeah!${hex:07}"; + +# Invalid 'NUL' +addheader "X-field" "Woah!${hex:00}"; From pigeonhole at rename-it.nl Sat Nov 26 15:19:57 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Sat, 26 Nov 2011 14:19:57 +0100 Subject: dovecot-2.1-pigeonhole: lib-sieve: editheader extension: fixed h... Message-ID: details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/f7ec0ff8c3ba changeset: 1558:f7ec0ff8c3ba user: Stephan Bosch date: Sat Nov 26 14:19:09 2011 +0100 description: lib-sieve: editheader extension: fixed handling of pre-folded header values for added header fields. diffstat: src/lib-sieve/edit-mail.c | 41 ++++++++++++++++++++++++++++++++++++++--- 1 files changed, 38 insertions(+), 3 deletions(-) diffs (65 lines): diff -r 3d01485cb539 -r f7ec0ff8c3ba src/lib-sieve/edit-mail.c --- a/src/lib-sieve/edit-mail.c Sat Nov 26 14:18:05 2011 +0100 +++ b/src/lib-sieve/edit-mail.c Sat Nov 26 14:19:09 2011 +0100 @@ -689,6 +689,43 @@ return 1; } +static inline char *_header_value_unfold +(const char *value) +{ + string_t *out; + unsigned int i, j; + + for (i = 0; value[i] != '\0'; i++) { + if (value[i] == '\r' || value[i] == '\n') + break; + } + if (value[i] == '\0') { + return i_strdup(value); + } + + out = t_str_new(i + strlen(value+i) + 10); + str_append_n(out, value, i); + for (j = i; value[i] != '\0'; i++) { + if (value[i] == '\n') { + i++; + if (value[i] == '\0') + break; + + switch ( value[i] ) { + default: + str_append_c(out, '\t'); + case ' ': case '\t': + str_append_c(out, value[i]); + } + } else { + if (value[i] != '\r') + str_append_c(out, value[i]); + } + } + + return i_strndup(str_c(out), str_len(out)); +} + void edit_mail_header_add (struct edit_mail *edmail, const char *field_name, const char *value, bool last) { @@ -698,8 +735,6 @@ struct _header_field *field; unsigned int lines; - /* FIXME: validate value */ - edit_mail_modify(edmail); /* Get/create header index item */ @@ -731,7 +766,7 @@ } T_END; /* Record original (utf8) value */ - field->utf8_value = i_strdup(value); + field->utf8_value = _header_value_unfold(value); /* Add it to the header field index */ if ( last ) { From pigeonhole at rename-it.nl Sat Nov 26 15:19:57 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Sat, 26 Nov 2011 14:19:57 +0100 Subject: dovecot-2.1-pigeonhole: lib-sieve: editheader extension: fixed c... Message-ID: details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/3d01485cb539 changeset: 1557:3d01485cb539 user: Stephan Bosch date: Sat Nov 26 14:18:05 2011 +0100 description: lib-sieve: editheader extension: fixed compile warning caused by spurious comma. diffstat: src/lib-sieve/plugins/editheader/cmd-deleteheader.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diffs (12 lines): diff -r 8af074872b41 -r 3d01485cb539 src/lib-sieve/plugins/editheader/cmd-deleteheader.c --- a/src/lib-sieve/plugins/editheader/cmd-deleteheader.c Sat Nov 26 14:06:50 2011 +0100 +++ b/src/lib-sieve/plugins/editheader/cmd-deleteheader.c Sat Nov 26 14:18:05 2011 +0100 @@ -431,7 +431,7 @@ if ( !rfc2822_header_field_name_verify (str_c(field_name), str_len(field_name)) ) { - sieve_runtime_error(renv, NULL, "deleteheader action: ", + sieve_runtime_error(renv, NULL, "deleteheader action: " "specified field name `%s' is invalid", str_sanitize(str_c(field_name), 80)); return SIEVE_EXEC_FAILURE; From pigeonhole at rename-it.nl Sat Nov 26 15:19:56 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Sat, 26 Nov 2011 14:19:56 +0100 Subject: dovecot-2.1-pigeonhole: testsuite: added test_message_print comm... Message-ID: details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/8af074872b41 changeset: 1556:8af074872b41 user: Stephan Bosch date: Sat Nov 26 14:06:50 2011 +0100 description: testsuite: added test_message_print command to print the current message content. diffstat: src/testsuite/cmd-test-message.c | 89 ++++++++++++++++++++++++++++++++++++++++++++- src/testsuite/ext-testsuite.c | 2 + src/testsuite/testsuite-common.h | 3 + 3 files changed, 93 insertions(+), 1 deletions(-) diffs (190 lines): diff -r df95edf614c4 -r 8af074872b41 src/testsuite/cmd-test-message.c --- a/src/testsuite/cmd-test-message.c Sat Nov 26 11:49:07 2011 +0100 +++ b/src/testsuite/cmd-test-message.c Sat Nov 26 14:06:50 2011 +0100 @@ -1,8 +1,12 @@ /* Copyright (c) 2002-2011 Pigeonhole authors, see the included COPYING file */ +#include "lib.h" +#include "istream.h" + #include "sieve-common.h" #include "sieve-commands.h" +#include "sieve-message.h" #include "sieve-validator.h" #include "sieve-generator.h" #include "sieve-interpreter.h" @@ -15,7 +19,10 @@ #include "testsuite-mailstore.h" /* - * Test_message command + * Commands + */ + +/* Test_message command * * Syntax: * test_message ( :smtp / :mailbox ) @@ -41,6 +48,25 @@ NULL }; +/* Test_message_print command + * + * Syntax: + * test_message_print + */ + +static bool cmd_test_message_print_generate + (const struct sieve_codegen_env *cgenv, struct sieve_command *cmd); + +const struct sieve_command_def cmd_test_message_print = { + "test_message_print", + SCT_COMMAND, + 0, 0, FALSE, FALSE, + NULL, NULL, NULL, NULL, + cmd_test_message_print_generate + , NULL +}; + + /* * Operations */ @@ -75,6 +101,21 @@ cmd_test_message_mailbox_operation_execute }; +/* Test_message_print operation */ + +static bool cmd_test_message_print_operation_dump + (const struct sieve_dumptime_env *denv, sieve_size_t *address); +static int cmd_test_message_print_operation_execute + (const struct sieve_runtime_env *renv, sieve_size_t *address); + +const struct sieve_operation_def test_message_print_operation = { + "TEST_MESSAGE_PRINT", + &testsuite_extension, + TESTSUITE_OPERATION_TEST_MESSAGE_PRINT, + cmd_test_message_print_operation_dump, + cmd_test_message_print_operation_execute +}; + /* * Compiler context data */ @@ -254,6 +295,15 @@ return TRUE; } +static bool cmd_test_message_print_generate +(const struct sieve_codegen_env *cgenv, struct sieve_command *cmd) +{ + /* Emit operation */ + sieve_operation_emit + (cgenv->sblock, cmd->ext, &test_message_print_operation); + return TRUE; +} + /* * Code dump */ @@ -292,6 +342,15 @@ sieve_opr_number_dump(denv, address, "index"); } +static bool cmd_test_message_print_operation_dump +(const struct sieve_dumptime_env *denv, sieve_size_t *address ATTR_UNUSED) +{ + sieve_code_dumpf(denv, "TEST_MESSAGE_PRINT"); + + return TRUE; +} + + /* * Intepretation */ @@ -420,7 +479,35 @@ return SIEVE_EXEC_OK; } +static int cmd_test_message_print_operation_execute +(const struct sieve_runtime_env *renv, sieve_size_t *address ATTR_UNUSED) +{ + struct mail *mail = sieve_message_get_mail(renv->msgctx); + struct istream *input; + const unsigned char *data; + size_t size; + int ret; + if (mail_get_stream(mail, NULL, NULL, &input) < 0) { + sieve_runtime_error(renv, NULL, + "test_message_print: failed to read current message"); + return SIEVE_EXEC_OK; + } + printf("\n--MESSAGE: \n"); + + /* Pipe the message to the outgoing SMTP transport */ + while ((ret=i_stream_read_data(input, &data, &size, 0)) > 0) { + write(1, data, size); + i_stream_skip(input, size); + } + printf("\n--MESSAGE--\n"); + + return SIEVE_EXEC_OK; +} + + + + diff -r df95edf614c4 -r 8af074872b41 src/testsuite/ext-testsuite.c --- a/src/testsuite/ext-testsuite.c Sat Nov 26 11:49:07 2011 +0100 +++ b/src/testsuite/ext-testsuite.c Sat Nov 26 14:06:50 2011 +0100 @@ -69,6 +69,7 @@ &test_result_print_operation, &test_message_smtp_operation, &test_message_mailbox_operation, + &test_message_print_operation, &test_mailbox_create_operation, &test_mailbox_delete_operation, &test_binary_load_operation, @@ -125,6 +126,7 @@ sieve_validator_register_command(valdtr, ext, &cmd_test_result_print); sieve_validator_register_command(valdtr, ext, &cmd_test_result_reset); sieve_validator_register_command(valdtr, ext, &cmd_test_message); + sieve_validator_register_command(valdtr, ext, &cmd_test_message_print); sieve_validator_register_command(valdtr, ext, &cmd_test_mailbox_create); sieve_validator_register_command(valdtr, ext, &cmd_test_mailbox_delete); sieve_validator_register_command(valdtr, ext, &cmd_test_binary_load); diff -r df95edf614c4 -r 8af074872b41 src/testsuite/testsuite-common.h --- a/src/testsuite/testsuite-common.h Sat Nov 26 11:49:07 2011 +0100 +++ b/src/testsuite/testsuite-common.h Sat Nov 26 14:06:50 2011 +0100 @@ -57,6 +57,7 @@ extern const struct sieve_command_def cmd_test_result_reset; extern const struct sieve_command_def cmd_test_result_print; extern const struct sieve_command_def cmd_test_message; +extern const struct sieve_command_def cmd_test_message_print; extern const struct sieve_command_def cmd_test_mailbox; extern const struct sieve_command_def cmd_test_mailbox_create; extern const struct sieve_command_def cmd_test_mailbox_delete; @@ -96,6 +97,7 @@ TESTSUITE_OPERATION_TEST_RESULT_PRINT, TESTSUITE_OPERATION_TEST_MESSAGE_SMTP, TESTSUITE_OPERATION_TEST_MESSAGE_MAILBOX, + TESTSUITE_OPERATION_TEST_MESSAGE_PRINT, TESTSUITE_OPERATION_TEST_MAILBOX_CREATE, TESTSUITE_OPERATION_TEST_MAILBOX_DELETE, TESTSUITE_OPERATION_TEST_BINARY_LOAD, @@ -119,6 +121,7 @@ extern const struct sieve_operation_def test_result_print_operation; extern const struct sieve_operation_def test_message_smtp_operation; extern const struct sieve_operation_def test_message_mailbox_operation; +extern const struct sieve_operation_def test_message_print_operation; extern const struct sieve_operation_def test_mailbox_create_operation; extern const struct sieve_operation_def test_mailbox_delete_operation; extern const struct sieve_operation_def test_binary_load_operation; From pigeonhole at rename-it.nl Sat Nov 26 15:19:57 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Sat, 26 Nov 2011 14:19:57 +0100 Subject: dovecot-2.1-pigeonhole: testsuite: editheader extension: added v... Message-ID: details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/23fbd8454d98 changeset: 1559:23fbd8454d98 user: Stephan Bosch date: Sat Nov 26 14:19:42 2011 +0100 description: testsuite: editheader extension: added various tests for folded headers. diffstat: tests/extensions/editheader/addheader.svtest | 160 ++++++++++++++++++++++++++- tests/extensions/editheader/deleteheader.svtest | 60 ++++++++++ 2 files changed, 219 insertions(+), 1 deletions(-) diffs (247 lines): diff -r f7ec0ff8c3ba -r 23fbd8454d98 tests/extensions/editheader/addheader.svtest --- a/tests/extensions/editheader/addheader.svtest Sat Nov 26 14:19:09 2011 +0100 +++ b/tests/extensions/editheader/addheader.svtest Sat Nov 26 14:19:42 2011 +0100 @@ -202,7 +202,6 @@ } } - test_result_reset; test_set "message" "${message}"; test "Addheader - framed" { @@ -321,3 +320,162 @@ } } +/* + * Addheader - folded + */ + +test_result_reset; +test_set "message" "${message}"; +test "Addheader - folded" { + set "before" + "This is very long header content, folded to fit inside multiple header lines. This may cause problems, so that is why it is tested here."; + set "after" + "This is somewhat longer header content, folded to fit inside multiple header lines. This may cause problems, so that is why it is tested here."; + + addheader "X-Some-Header-first" "${before}"; + addheader :last "X-Some-Header-last" "${after}"; + + if not header :is "subject" "Frop!" { + test_fail "original subject header not retained"; + } + + if not exists "x-some-header-first" { + test_fail "first header not added"; + } + + if not exists "x-some-header-last" { + test_fail "last header not added"; + } + + if not header :is "x-some-header-first" "${before}" { + test_fail "wrong first content added"; + } + + if not header :is "x-some-header-last" "${after}" { + test_fail "wrong last content added"; + } + + redirect "frop at example.com"; + + if not test_result_execute { + test_fail "failed to execute result"; + } + + if not test_message :smtp 0 { + test_fail "message not redirected"; + } + + if not header :is "subject" "Frop!" { + test_fail "original subject header not retained in redirected mail"; + } + + if not exists "x-some-header-first" { + test_fail "first header not in redirected mail"; + } + + if not exists "x-some-header-last" { + test_fail "last header not in redirected mail"; + } + + if not header :is "x-some-header-first" "${before}" { + test_fail "wrong first header content in redirected mail "; + } + + if not header :is "x-some-header-last" "${after}" { + test_fail "wrong last header content in redirected mail "; + } + + if not body :matches "Frop!*" { + test_fail "body not retained in redirected mail"; + } +} + +/* + * Addheader - newlines + */ + +test_result_reset; +test_set "message" "${message}"; +test "Addheader - newlines" { + set "before" text: +This is very long header content + containing newlines. This may + cause some problems, so that + is why it is tested here. +. +; + + set "after" text: +This is somewhat longer header content + containing newlines. This may + cause some problems, so that + is why it is tested here. +. +; + + set "before_out" + "This is very long header content containing newlines. This may cause some problems, so that is why it is tested here."; + + set "after_out" + "This is somewhat longer header content containing newlines. This may cause some problems, so that is why it is tested here."; + + addheader "X-Some-Header-first" "${before}"; + addheader :last "X-Some-Header-last" "${after}"; + + if not header :is "subject" "Frop!" { + test_fail "original subject header not retained"; + } + + if not exists "x-some-header-first" { + test_fail "first header not added"; + } + + if not exists "x-some-header-last" { + test_fail "last header not added"; + } + + if not header :is "x-some-header-first" "${before_out}" { + test_fail "wrong first content added"; + } + + if not header :is "x-some-header-last" "${after_out}" { + test_fail "wrong last content added"; + } + + redirect "frop at example.com"; + + if not test_result_execute { + test_fail "failed to execute result"; + } + + if not test_message :smtp 0 { + test_fail "message not redirected"; + } + + if not header :is "subject" "Frop!" { + test_fail "original subject header not retained in redirected mail"; + } + + if not exists "x-some-header-first" { + test_fail "first header not in redirected mail"; + } + + if not exists "x-some-header-last" { + test_fail "last header not in redirected mail"; + } + + if not header :is "x-some-header-first" "${before_out}" { + test_fail "wrong first header content in redirected mail "; + } + + if not header :is "x-some-header-last" "${after_out}" { + test_fail "wrong last header content in redirected mail "; + } + + if not body :matches "Frop!*" { + test_fail "body not retained in redirected mail"; + } +} + + + diff -r f7ec0ff8c3ba -r 23fbd8454d98 tests/extensions/editheader/deleteheader.svtest --- a/tests/extensions/editheader/deleteheader.svtest Sat Nov 26 14:19:09 2011 +0100 +++ b/tests/extensions/editheader/deleteheader.svtest Sat Nov 26 14:19:42 2011 +0100 @@ -825,9 +825,69 @@ } +/* + * + */ +test_result_reset; +test_set "message" text: +X-A: Long folded header to test removal of folded + headers from a message. This is the top header. +X-B: First intermittent unfolded header +X-A: Long folded header to test removal of folded + headers from a message. This is the middle header. +X-B: Second intermittent unfolded header +X-A: Long folded header to test removal of folded + headers from a message. This is the bottom header, + which concludes the header of this message. +Frop! +. +; +test "Deleteheader - :matches" { + deleteheader "X-A"; + if exists "X-A" { + test_fail "original X-A (1) header not deleted"; + } + if not header :is "X-B" "First intermittent unfolded header" { + test_fail "original X-B (2) header not retained"; + } + + if not header :is "X-B" "Second intermittent unfolded header" { + test_fail "original X-B (2) header not retained"; + } + + if not body :matches "Frop!*" { + test_fail "body not retained in redirected mail"; + } + + redirect "frop at example.com"; + + if not test_result_execute { + test_fail "failed to execute result"; + } + + if not test_message :smtp 0 { + test_fail "message not redirected"; + } + + if exists "X-A" { + test_fail "original X-A (1) header not deleted in redirected mail"; + } + + if not header :is "X-B" "First intermittent unfolded header" { + test_fail "original X-B (2) header not retained in redirected mail"; + } + + if not header :is "X-B" "Second intermittent unfolded header" { + test_fail "original X-B (2) header not retained in redirected mail"; + } + + if not body :matches "Frop!*" { + test_fail "body not retained in redirected mail"; + } +} From pigeonhole at rename-it.nl Mon Nov 28 01:41:00 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Mon, 28 Nov 2011 00:41:00 +0100 Subject: dovecot-2.1-pigeonhole: lib-sieve: editheader: fixed implicit ke... Message-ID: details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/9c2fa28f7123 changeset: 1560:9c2fa28f7123 user: Stephan Bosch date: Mon Nov 28 00:40:43 2011 +0100 description: lib-sieve: editheader: fixed implicit keep after runtime error. It did not use the original message in this case. diffstat: src/lib-sieve/sieve-actions.c | 2 +- tests/extensions/editheader/errors.svtest | 31 +++++++++++++++ tests/extensions/editheader/errors/runtime-error.sieve | 6 +++ 3 files changed, 38 insertions(+), 1 deletions(-) diffs (60 lines): diff -r 23fbd8454d98 -r 9c2fa28f7123 src/lib-sieve/sieve-actions.c --- a/src/lib-sieve/sieve-actions.c Sat Nov 26 14:19:42 2011 +0100 +++ b/src/lib-sieve/sieve-actions.c Mon Nov 28 00:40:43 2011 +0100 @@ -467,7 +467,7 @@ struct act_store_transaction *trans = (struct act_store_transaction *) tr_context; struct mail *mail = ( action->mail != NULL ? - action->mail : sieve_message_get_mail(aenv->msgctx) ); + action->mail : aenv->msgdata->mail ); struct mail_save_context *save_ctx; struct mail_keywords *keywords = NULL; bool result = TRUE; diff -r 23fbd8454d98 -r 9c2fa28f7123 tests/extensions/editheader/errors.svtest --- a/tests/extensions/editheader/errors.svtest Sat Nov 26 14:19:42 2011 +0100 +++ b/tests/extensions/editheader/errors.svtest Mon Nov 28 00:40:43 2011 +0100 @@ -66,3 +66,34 @@ } } +test_set "message" text: +From: stephan at example.com +To: tss at example.com +Subject: Frop + +Frop! +. +; + +test "Implicit keep at runtime error" { + if not test_script_compile "errors/runtime-error.sieve" { + test_fail "compile failed"; + } + + if not test_script_run { + test_fail "run failed"; + } + + if test_result_execute { + test_fail "result execution should have failed"; + } + + if not test_message :folder "INBOX" 0 { + test_fail "message not stored (no implicit keep)"; + } + + if exists "X-Frop" { + test_fail "implicit keep message has editheader changes"; + } +} + diff -r 23fbd8454d98 -r 9c2fa28f7123 tests/extensions/editheader/errors/runtime-error.sieve --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/extensions/editheader/errors/runtime-error.sieve Mon Nov 28 00:40:43 2011 +0100 @@ -0,0 +1,6 @@ +require "editheader"; +require "fileinto"; + +addheader "X-Frop" "Friep"; + +fileinto "Rediculous.non-existent.folder"; From pigeonhole at rename-it.nl Mon Nov 28 01:49:07 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Mon, 28 Nov 2011 00:49:07 +0100 Subject: dovecot-2.1-pigeonhole: Updated TODO. Message-ID: details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/6798ae05aa0a changeset: 1561:6798ae05aa0a user: Stephan Bosch date: Mon Nov 28 00:49:01 2011 +0100 description: Updated TODO. diffstat: TODO | 6 ++++-- 1 files changed, 4 insertions(+), 2 deletions(-) diffs (16 lines): diff -r 9c2fa28f7123 -r 6798ae05aa0a TODO --- a/TODO Mon Nov 28 00:40:43 2011 +0100 +++ b/TODO Mon Nov 28 00:49:01 2011 +0100 @@ -1,8 +1,10 @@ Current activities: * Implement editheader extension - - Add header value verification to addheader command - - Add testsuite items for various error conditions + - Implement configurable limit on header value length + - Implement configurable list of protected headers, with Received: and + Auto-Submitted: headers always protected. + - Add command syntax checks to the test suite. Parallel plugin-based efforts: From pigeonhole at rename-it.nl Mon Nov 28 09:53:49 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Mon, 28 Nov 2011 08:53:49 +0100 Subject: dovecot-2.1-pigeonhole: lib-sieve: editheader: fixed normal impl... Message-ID: details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/f13a2fc82fa0 changeset: 1562:f13a2fc82fa0 user: Stephan Bosch date: Mon Nov 28 08:53:43 2011 +0100 description: lib-sieve: editheader: fixed normal implicit keep. This was broken by previous change. It now properly uses the final version of the message instead of the original. diffstat: src/lib-sieve/sieve-result.c | 7 ++- tests/extensions/editheader/addheader.svtest | 46 +++++++++++++++++++++++ tests/extensions/editheader/deleteheader.svtest | 40 +++++++++++++++++++- 3 files changed, 90 insertions(+), 3 deletions(-) diffs (131 lines): diff -r 6798ae05aa0a -r f13a2fc82fa0 src/lib-sieve/sieve-result.c --- a/src/lib-sieve/sieve-result.c Mon Nov 28 00:49:01 2011 +0100 +++ b/src/lib-sieve/sieve-result.c Mon Nov 28 08:53:43 2011 +0100 @@ -912,10 +912,13 @@ void *tr_context = NULL; struct sieve_action act_keep; - if ( rollback ) + if ( rollback ) { act_keep = result->failure_action; - else + act_keep.mail = NULL; + } else { act_keep = result->keep_action; + act_keep.mail = sieve_message_get_mail(result->action_env.msgctx); + } /* If keep is a non-action, return right away */ if ( act_keep.def == NULL ) return TRUE; diff -r 6798ae05aa0a -r f13a2fc82fa0 tests/extensions/editheader/addheader.svtest --- a/tests/extensions/editheader/addheader.svtest Mon Nov 28 00:49:01 2011 +0100 +++ b/tests/extensions/editheader/addheader.svtest Mon Nov 28 08:53:43 2011 +0100 @@ -477,5 +477,51 @@ } } +test_result_reset; +test_set "message" "${message}"; +test "Addheader - implicit keep" { + if size :over 76 { + test_fail "original message is longer than 76 bytes?!"; + } + addheader "X-Some-Header" "Header content"; + + if not test_result_execute { + test_fail "failed to execute result"; + } + + if not test_message :folder "INBOX" 0 { + test_fail "message not stored"; + } + + if not size :over 76 { + test_fail "stored mail is not larger"; + } + + if size :over 107 { + test_fail "stored mail is too large"; + } + + if size :under 100 { + test_fail "stored mail is too small"; + } + + if not header :is "subject" "Frop!" { + test_fail "original subject header not retained in stored message"; + } + + if not exists "x-some-header" { + test_fail "header not added to stored message"; + } + + if not header :is "x-some-header" "Header content" { + test_fail "wrong content added to stored message"; + } + + if not body :matches "Frop!*" { + test_fail "body not retained in stored mail"; + } +} + + diff -r 6798ae05aa0a -r f13a2fc82fa0 tests/extensions/editheader/deleteheader.svtest --- a/tests/extensions/editheader/deleteheader.svtest Mon Nov 28 00:49:01 2011 +0100 +++ b/tests/extensions/editheader/deleteheader.svtest Mon Nov 28 08:53:43 2011 +0100 @@ -611,6 +611,44 @@ } test_result_reset; +test_set "message" "${message}"; +test "Deleteheader - implicit keep" { + deleteheader "X-D"; + + if not test_result_execute { + test_fail "failed to execute result"; + } + + if not test_message :folder "INBOX" 0 { + test_fail "message not stored"; + } + + if not header :is "subject" "Frop!" { + test_fail "original subject header not retained in stored mail"; + } + + if not header :is "X-B" "omdat dit anders" { + test_fail "original X-B header not retained in stored mail"; + } + + if not header :is "X-C" "niet via e-mail versturen" { + test_fail "original X-C header not retained in stored mail"; + } + + if exists "X-D" { + test_fail "X-D header not deleted in stored mail"; + } + + if not body :matches "Frop!*" { + test_fail "body not retained in stored mail"; + } +} + +/* + * + */ + +test_result_reset; test_set "message" text: X-A: Dit is een klein verhaaltje @@ -846,7 +884,7 @@ . ; -test "Deleteheader - :matches" { +test "Deleteheader - folded" { deleteheader "X-A"; if exists "X-A" { From pigeonhole at rename-it.nl Mon Nov 28 23:13:27 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Mon, 28 Nov 2011 22:13:27 +0100 Subject: dovecot-2.1-pigeonhole: lib-sieve: editheader: added simple conf... Message-ID: details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/8d0cfe6f66f0 changeset: 1563:8d0cfe6f66f0 user: Stephan Bosch date: Mon Nov 28 22:13:18 2011 +0100 description: lib-sieve: editheader: added simple configuration for protected headers. diffstat: Makefile.am | 1 + TODO | 2 - src/lib-sieve/plugins/editheader/Makefile.am | 3 +- src/lib-sieve/plugins/editheader/cmd-addheader.c | 28 +++- src/lib-sieve/plugins/editheader/cmd-deleteheader.c | 14 ++ src/lib-sieve/plugins/editheader/ext-editheader-common.c | 135 +++++++++++++++++-- src/lib-sieve/plugins/editheader/ext-editheader-common.h | 22 ++- src/lib-sieve/plugins/editheader/ext-editheader.c | 3 +- tests/extensions/editheader/protected.svtest | 74 ++++++++++ 9 files changed, 251 insertions(+), 31 deletions(-) diffs (truncated from 433 to 300 lines): diff -r f13a2fc82fa0 -r 8d0cfe6f66f0 Makefile.am --- a/Makefile.am Mon Nov 28 08:53:43 2011 +0100 +++ b/Makefile.am Mon Nov 28 22:13:18 2011 +0100 @@ -130,6 +130,7 @@ tests/extensions/editheader/deleteheader.svtest \ tests/extensions/editheader/alternating.svtest \ tests/extensions/editheader/utf8.svtest \ + tests/extensions/editheader/protected.svtest \ tests/extensions/editheader/errors.svtest \ tests/extensions/vnd.dovecot/debug/execute.svtest \ tests/deprecated/notify/basic.svtest \ diff -r f13a2fc82fa0 -r 8d0cfe6f66f0 TODO --- a/TODO Mon Nov 28 08:53:43 2011 +0100 +++ b/TODO Mon Nov 28 22:13:18 2011 +0100 @@ -2,8 +2,6 @@ * Implement editheader extension - Implement configurable limit on header value length - - Implement configurable list of protected headers, with Received: and - Auto-Submitted: headers always protected. - Add command syntax checks to the test suite. Parallel plugin-based efforts: diff -r f13a2fc82fa0 -r 8d0cfe6f66f0 src/lib-sieve/plugins/editheader/Makefile.am --- a/src/lib-sieve/plugins/editheader/Makefile.am Mon Nov 28 08:53:43 2011 +0100 +++ b/src/lib-sieve/plugins/editheader/Makefile.am Mon Nov 28 22:13:18 2011 +0100 @@ -10,7 +10,8 @@ libsieve_ext_editheader_la_SOURCES = \ $(commands) \ - ext-editheader.c + ext-editheader.c \ + ext-editheader-common.c noinst_HEADERS = \ ext-editheader-common.h diff -r f13a2fc82fa0 -r 8d0cfe6f66f0 src/lib-sieve/plugins/editheader/cmd-addheader.c --- a/src/lib-sieve/plugins/editheader/cmd-addheader.c Mon Nov 28 08:53:43 2011 +0100 +++ b/src/lib-sieve/plugins/editheader/cmd-addheader.c Mon Nov 28 22:13:18 2011 +0100 @@ -88,18 +88,18 @@ */ static bool cmd_addheader_validate -(struct sieve_validator *valdtr, struct sieve_command *tst) +(struct sieve_validator *valdtr, struct sieve_command *cmd) { - struct sieve_ast_argument *arg = tst->first_positional; + struct sieve_ast_argument *arg = cmd->first_positional; /* Check field-name syntax */ if ( !sieve_validate_positional_argument - (valdtr, tst, arg, "field-name", 1, SAAT_STRING) ) { + (valdtr, cmd, arg, "field-name", 1, SAAT_STRING) ) { return FALSE; } - if ( !sieve_validator_argument_activate(valdtr, tst, arg, FALSE) ) + if ( !sieve_validator_argument_activate(valdtr, cmd, arg, FALSE) ) return FALSE; if ( sieve_argument_is_string_literal(arg) ) { @@ -111,6 +111,12 @@ str_sanitize(str_c(fname), 80)); return FALSE; } + + if ( ext_editheader_header_is_protected(cmd->ext, str_c(fname)) ) { + sieve_argument_validate_warning(valdtr, arg, "addheader command: " + "specified header field `%s' is protected " + "(modification will be denied)", str_sanitize(str_c(fname), 80)); + } } /* Check value syntax */ @@ -118,11 +124,11 @@ arg = sieve_ast_argument_next(arg); if ( !sieve_validate_positional_argument - (valdtr, tst, arg, "value", 2, SAAT_STRING) ) { + (valdtr, cmd, arg, "value", 2, SAAT_STRING) ) { return FALSE; } - if ( !sieve_validator_argument_activate(valdtr, tst, arg, FALSE) ) + if ( !sieve_validator_argument_activate(valdtr, cmd, arg, FALSE) ) return FALSE; if ( sieve_argument_is_string_literal(arg) ) { @@ -207,6 +213,7 @@ static int cmd_addheader_operation_execute (const struct sieve_runtime_env *renv, sieve_size_t *address) { + const struct sieve_extension *this_ext = renv->oprtn->ext; string_t *field_name; string_t *value; struct edit_mail *edmail; @@ -259,7 +266,14 @@ str_sanitize(str_c(field_name), 80)); return SIEVE_EXEC_FAILURE; } - + + if ( ext_editheader_header_is_protected(this_ext, str_c(field_name)) ) { + sieve_runtime_warning(renv, NULL, "addheader action: " + "specified header field `%s' is protected (modification denied)", + str_sanitize(str_c(field_name), 80)); + return SIEVE_EXEC_OK; + } + if ( !rfc2822_header_field_body_verify (str_c(value), str_len(value), TRUE, TRUE) ) { sieve_runtime_error(renv, NULL, "addheader action: " diff -r f13a2fc82fa0 -r 8d0cfe6f66f0 src/lib-sieve/plugins/editheader/cmd-deleteheader.c --- a/src/lib-sieve/plugins/editheader/cmd-deleteheader.c Mon Nov 28 08:53:43 2011 +0100 +++ b/src/lib-sieve/plugins/editheader/cmd-deleteheader.c Mon Nov 28 22:13:18 2011 +0100 @@ -258,6 +258,12 @@ str_sanitize(str_c(fname), 80)); return FALSE; } + + if ( ext_editheader_header_is_protected(cmd->ext, str_c(fname)) ) { + sieve_argument_validate_warning(valdtr, arg, "deleteheader command: " + "specified header field `%s' is protected " + "(modification will be denied)", str_sanitize(str_c(fname), 80)); + } } /* Value patterns argument */ @@ -363,6 +369,7 @@ static int cmd_deleteheader_operation_execute (const struct sieve_runtime_env *renv, sieve_size_t *address) { + const struct sieve_extension *this_ext = renv->oprtn->ext; int opt_code = 0; struct sieve_operand oprnd; struct sieve_comparator cmp = @@ -437,6 +444,13 @@ return SIEVE_EXEC_FAILURE; } + if ( ext_editheader_header_is_protected(this_ext, str_c(field_name)) ) { + sieve_runtime_warning(renv, NULL, "deleteheader action: " + "specified header field `%s' is protected (modification denied)", + str_sanitize(str_c(field_name), 80)); + return SIEVE_EXEC_OK; + } + /* * Execute command */ diff -r f13a2fc82fa0 -r 8d0cfe6f66f0 src/lib-sieve/plugins/editheader/ext-editheader-common.c --- a/src/lib-sieve/plugins/editheader/ext-editheader-common.c Mon Nov 28 08:53:43 2011 +0100 +++ b/src/lib-sieve/plugins/editheader/ext-editheader-common.c Mon Nov 28 22:13:18 2011 +0100 @@ -1,28 +1,135 @@ /* Copyright (c) 2002-2011 Pigeonhole authors, see the included COPYING file */ -#ifndef __EXT_EDITHEADER_COMMON_H -#define __EXT_EDITHEADER_COMMON_H +#include "lib.h" +#include "mempool.h" +#include "array.h" + +#include "rfc2822.h" + +#include "sieve-common.h" +#include "sieve-error.h" +#include "sieve-settings.h" +#include "sieve-extensions.h" + +#include "ext-editheader-common.h" /* - * Extensions + * Extension configuration */ -extern const struct sieve_extension_def editheader_extension; +struct ext_editheader_header { + const char *name; + + /* may extend this later */ + unsigned int protected:1; +}; + +struct ext_editheader_config { + pool_t pool; + + ARRAY_DEFINE(headers, struct ext_editheader_header); +}; + +static struct ext_editheader_header *ext_editheader_config_header_find +(struct ext_editheader_config *ext_config, const char *hname) +{ + struct ext_editheader_header *headers; + unsigned int count, i; + + headers = array_get_modifiable(&ext_config->headers, &count); + for ( i = 0; i < count; i++ ) { + if ( strcasecmp(hname, headers[i].name) == 0 ) + return &headers[i]; + } + + return NULL; +} + +bool ext_editheader_load +(const struct sieve_extension *ext, void **context) +{ + struct ext_editheader_config *ext_config = + (struct ext_editheader_config *) *context; + struct sieve_instance *svinst = ext->svinst; + const char *protected; + pool_t pool; + + if ( *context != NULL ) { + ext_editheader_unload(ext); + *context = NULL; + } + + T_BEGIN { + pool = pool_alloconly_create("editheader_config", 512); + ext_config = p_new(pool, struct ext_editheader_config, 1); + ext_config->pool = pool; + + p_array_init(&ext_config->headers, pool, 16); + + protected = sieve_setting_get(svinst, "sieve_editheader_protected"); + if ( protected != NULL ) { + const char **headers = t_strsplit_spaces(protected, " \t"); + + while ( *headers != NULL ) { + struct ext_editheader_header *header; + + if ( !rfc2822_header_field_name_verify(*headers, strlen(*headers)) ) { + sieve_sys_warning(svinst, + "editheader: setting sieve_editheader_protected contains " + "invalid header field name `%s' (ignored)", *headers); + continue; + } + + header=ext_editheader_config_header_find(ext_config, *headers); + if ( header == NULL ) { + header = array_append_space(&ext_config->headers); + header->name = p_strdup(pool, *headers); + } + + header->protected = TRUE; + + headers++; + } + } + } T_END; + + *context = (void *) ext_config; + return TRUE; +} + +void ext_editheader_unload(const struct sieve_extension *ext) +{ + struct ext_editheader_config *ext_config = + (struct ext_editheader_config *) ext->context; + + if ( ext_config != NULL ) { + pool_unref(&ext_config->pool); + } +} /* - * Commands + * Protected headers */ -extern const struct sieve_command_def addheader_command; -//extern const struct sieve_command_def deleteheader_command; +bool ext_editheader_header_is_protected +(const struct sieve_extension *ext, const char *hname) +{ + struct ext_editheader_config *ext_config = + (struct ext_editheader_config *) ext->context; + const struct ext_editheader_header *header; + + if ( strcasecmp(hname, "received") == 0 + || strcasecmp(hname, "auto-submitted") == 0 ) { + return TRUE; + } -/* - * Operations - */ + if ( strcasecmp(hname, "subject") == 0 ) { + return FALSE; + } -extern const struct sieve_operation_def addheader_operation; -//extern const struct sieve_operation_def deleteheader_operation; + if ( (header=ext_editheader_config_header_find(ext_config, hname)) == NULL ) + return FALSE; From pigeonhole at rename-it.nl Tue Nov 29 00:32:28 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Mon, 28 Nov 2011 23:32:28 +0100 Subject: dovecot-2.1-pigeonhole: lib-sieve: editheader: made deleteheader... Message-ID: details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/9a0b9ca3aca5 changeset: 1564:9a0b9ca3aca5 user: Stephan Bosch date: Mon Nov 28 23:32:14 2011 +0100 description: lib-sieve: editheader: made deleteheader match ignore leading and trailing whitespace. diffstat: src/lib-sieve/edit-mail.c | 24 +++++++++++- tests/extensions/editheader/deleteheader.svtest | 33 ++++++++++++++++ 2 files changed, 56 insertions(+), 1 deletions(-) diffs (79 lines): diff -r 8d0cfe6f66f0 -r 9a0b9ca3aca5 src/lib-sieve/edit-mail.c --- a/src/lib-sieve/edit-mail.c Mon Nov 28 22:13:18 2011 +0100 +++ b/src/lib-sieve/edit-mail.c Mon Nov 28 23:32:14 2011 +0100 @@ -930,12 +930,34 @@ *edhiter = NULL; } +static inline string_t *_header_right_trim(const char *raw) +{ + string_t *result; + int i; + + for ( i = strlen(raw)-1; i >= 0; i-- ) { + if ( raw[i] != ' ' && raw[i] != '\t' ) break; + } + + result = t_str_new(i+1); + str_append_n(result, raw, i + 1); + return result; +} + void edit_mail_headers_iterate_get (struct edit_mail_header_iter *edhiter, const char **value_r) { + const char *raw; + int i; + i_assert( edhiter->current != NULL && edhiter->current->header != NULL); - *value_r = edhiter->current->field->utf8_value; + raw = edhiter->current->field->utf8_value; + for ( i = strlen(raw)-1; i >= 0; i-- ) { + if ( raw[i] != ' ' && raw[i] != '\t' ) break; + } + + *value_r = t_strndup(raw, i+1); } bool edit_mail_headers_iterate_next diff -r 8d0cfe6f66f0 -r 9a0b9ca3aca5 tests/extensions/editheader/deleteheader.svtest --- a/tests/extensions/editheader/deleteheader.svtest Mon Nov 28 22:13:18 2011 +0100 +++ b/tests/extensions/editheader/deleteheader.svtest Mon Nov 28 23:32:14 2011 +0100 @@ -929,3 +929,36 @@ test_fail "body not retained in redirected mail"; } } + +/* + * TEST: Ignoring whitespace + */ + +test_set "message" text: +From: stephan at example.org +To: nico at frop.example.com +Subject: Help +X-A: Text +X-B: Text + +Text +. +; + +test "Ignoring whitespace" { + deleteheader :is "subject" "Help"; + deleteheader :is "x-a" "Text"; + deleteheader :is "x-b" "Text"; + + if exists "subject" { + test_fail "subject header not deleted"; + } + + if exists "x-a" { + test_fail "x-a header not deleted"; + } + + if exists "x-b" { + test_fail "x-b header not deleted"; + } +} From pigeonhole at rename-it.nl Tue Nov 29 01:57:32 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Tue, 29 Nov 2011 00:57:32 +0100 Subject: dovecot-2.1-pigeonhole: testsuite: editheader: added command syn... Message-ID: details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/3fc2c1bfb4ca changeset: 1565:3fc2c1bfb4ca user: Stephan Bosch date: Tue Nov 29 00:57:27 2011 +0100 description: testsuite: editheader: added command syntax checks. diffstat: TODO | 1 - tests/extensions/editheader/errors.svtest | 10 +++++ tests/extensions/editheader/errors/command-syntax.sieve | 42 +++++++++++++++++++++ 3 files changed, 52 insertions(+), 1 deletions(-) diffs (77 lines): diff -r 9a0b9ca3aca5 -r 3fc2c1bfb4ca TODO --- a/TODO Mon Nov 28 23:32:14 2011 +0100 +++ b/TODO Tue Nov 29 00:57:27 2011 +0100 @@ -2,7 +2,6 @@ * Implement editheader extension - Implement configurable limit on header value length - - Add command syntax checks to the test suite. Parallel plugin-based efforts: diff -r 9a0b9ca3aca5 -r 3fc2c1bfb4ca tests/extensions/editheader/errors.svtest --- a/tests/extensions/editheader/errors.svtest Mon Nov 28 23:32:14 2011 +0100 +++ b/tests/extensions/editheader/errors.svtest Tue Nov 29 00:57:27 2011 +0100 @@ -66,6 +66,16 @@ } } +test "Invalid field value (FIXME: count only)" { + if test_script_compile "errors/command-syntax.sieve" { + test_fail "compile should have failed"; + } + + if not test_error :count "eq" :comparator "i;ascii-numeric" "10" { + test_fail "wrong number of errors reported"; + } +} + test_set "message" text: From: stephan at example.com To: tss at example.com diff -r 9a0b9ca3aca5 -r 3fc2c1bfb4ca tests/extensions/editheader/errors/command-syntax.sieve --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/extensions/editheader/errors/command-syntax.sieve Tue Nov 29 00:57:27 2011 +0100 @@ -0,0 +1,42 @@ +require "editheader"; + +/* "addheader" [":last"] + */ + +# 1: missing field name and value +addheader; + +# 2: missing value +addheader "x-frop"; + +# 3: value not a string; number +addheader "x-frop" 2; + +# 4: value not a string; list +addheader "x-frop" ["frop"]; + +# 5: strange tag +addheader :tag "x-frop" "frop"; + +/* "deleteheader" [":index" [":last"]] + * [COMPARATOR] [MATCH-TYPE] + * + * [] + */ + +# 6: missing field name +deleteheader; + +# 7: :last tag without index +deleteheader :last "x-frop"; + +# 8: :index tag with string argument +deleteheader :index "frop" "x-frop"; + +# OK: match type without value patterns +deleteheader :matches "x-frop"; + +# 9: value patterns not a string(list) +deleteheader "x-frop" 1; + + From pigeonhole at rename-it.nl Tue Nov 29 02:11:02 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Tue, 29 Nov 2011 01:11:02 +0100 Subject: dovecot-2.1-pigeonhole: testsuite: editheader: fixed test name f... Message-ID: details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/3cacf01fbbab changeset: 1567:3cacf01fbbab user: Stephan Bosch date: Tue Nov 29 01:10:32 2011 +0100 description: testsuite: editheader: fixed test name for command syntax checks. diffstat: tests/extensions/editheader/errors.svtest | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diffs (12 lines): diff -r 77a20a67153d -r 3cacf01fbbab tests/extensions/editheader/errors.svtest --- a/tests/extensions/editheader/errors.svtest Tue Nov 29 01:09:27 2011 +0100 +++ b/tests/extensions/editheader/errors.svtest Tue Nov 29 01:10:32 2011 +0100 @@ -66,7 +66,7 @@ } } -test "Invalid field value (FIXME: count only)" { +test "Command syntax (FIXME: count only)" { if test_script_compile "errors/command-syntax.sieve" { test_fail "compile should have failed"; } From pigeonhole at rename-it.nl Tue Nov 29 02:11:02 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Tue, 29 Nov 2011 01:11:02 +0100 Subject: dovecot-2.1-pigeonhole: lib-sieve: vacation: made vacation actio... Message-ID: details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/77a20a67153d changeset: 1566:77a20a67153d user: Stephan Bosch date: Tue Nov 29 01:09:27 2011 +0100 description: lib-sieve: vacation: made vacation action header checks use the modified message (editheader). diffstat: src/lib-sieve/plugins/vacation/cmd-vacation.c | 7 ++++--- 1 files changed, 4 insertions(+), 3 deletions(-) diffs (38 lines): diff -r 3fc2c1bfb4ca -r 77a20a67153d src/lib-sieve/plugins/vacation/cmd-vacation.c --- a/src/lib-sieve/plugins/vacation/cmd-vacation.c Tue Nov 29 00:57:27 2011 +0100 +++ b/src/lib-sieve/plugins/vacation/cmd-vacation.c Tue Nov 29 01:09:27 2011 +0100 @@ -1026,6 +1026,7 @@ struct act_vacation_context *ctx = (struct act_vacation_context *) action->context; unsigned char dupl_hash[MD5_RESULTLEN]; + struct mail *mail = sieve_message_get_mail(aenv->msgctx); const char *sender = sieve_message_get_sender(aenv->msgctx); const char *recipient = sieve_message_get_final_recipient(aenv->msgctx); const char *const *hdsp; @@ -1090,7 +1091,7 @@ hdsp = _list_headers; while ( *hdsp != NULL ) { if ( mail_get_headers - (msgdata->mail, *hdsp, &headers) >= 0 && headers[0] != NULL ) { + (mail, *hdsp, &headers) >= 0 && headers[0] != NULL ) { /* Yes, bail out */ sieve_result_global_log(aenv, "discarding vacation response to mailinglist recipient <%s>", @@ -1118,7 +1119,7 @@ /* Check for the (non-standard) precedence header */ if ( mail_get_headers - (msgdata->mail, "precedence", &headers) >= 0 ) { + (mail, "precedence", &headers) >= 0 ) { /* Theoretically multiple headers could exist, so lets make sure */ hdsp = headers; while ( *hdsp != NULL ) { @@ -1153,7 +1154,7 @@ hdsp = _my_address_headers; while ( *hdsp != NULL ) { if ( mail_get_headers - (msgdata->mail, *hdsp, &headers) >= 0 && headers[0] != NULL ) { + (mail, *hdsp, &headers) >= 0 && headers[0] != NULL ) { if ( _contains_my_address(headers, recipient) ) { reply_from = recipient; From pigeonhole at rename-it.nl Tue Nov 29 23:21:19 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Tue, 29 Nov 2011 22:21:19 +0100 Subject: dovecot-2.1-pigeonhole: lib-sieve: editheader: implemented confi... Message-ID: details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/00c5cd8ca1d2 changeset: 1568:00c5cd8ca1d2 user: Stephan Bosch date: Tue Nov 29 22:21:13 2011 +0100 description: lib-sieve: editheader: implemented configurable length limit. diffstat: TODO | 4 +- src/lib-sieve/plugins/editheader/Makefile.am | 1 + src/lib-sieve/plugins/editheader/cmd-addheader.c | 26 +++++- src/lib-sieve/plugins/editheader/cmd-deleteheader.c | 6 +- src/lib-sieve/plugins/editheader/ext-editheader-common.c | 32 ++++++++ src/lib-sieve/plugins/editheader/ext-editheader-common.h | 7 + src/lib-sieve/plugins/editheader/ext-editheader-limits.h | 10 ++ tests/extensions/editheader/errors.svtest | 58 ++++++++++++++ tests/extensions/editheader/errors/size-limit-runtime.sieve | 46 +++++++++++ tests/extensions/editheader/errors/size-limit.sieve | 43 ++++++++++ 10 files changed, 222 insertions(+), 11 deletions(-) diffs (truncated from 372 to 300 lines): diff -r 3cacf01fbbab -r 00c5cd8ca1d2 TODO --- a/TODO Tue Nov 29 01:10:32 2011 +0100 +++ b/TODO Tue Nov 29 22:21:13 2011 +0100 @@ -1,7 +1,7 @@ Current activities: -* Implement editheader extension - - Implement configurable limit on header value length +* Finish editheader extension + - Document extension configuration Parallel plugin-based efforts: diff -r 3cacf01fbbab -r 00c5cd8ca1d2 src/lib-sieve/plugins/editheader/Makefile.am --- a/src/lib-sieve/plugins/editheader/Makefile.am Tue Nov 29 01:10:32 2011 +0100 +++ b/src/lib-sieve/plugins/editheader/Makefile.am Tue Nov 29 22:21:13 2011 +0100 @@ -14,4 +14,5 @@ ext-editheader-common.c noinst_HEADERS = \ + ext-editheader-limits.h \ ext-editheader-common.h diff -r 3cacf01fbbab -r 00c5cd8ca1d2 src/lib-sieve/plugins/editheader/cmd-addheader.c --- a/src/lib-sieve/plugins/editheader/cmd-addheader.c Tue Nov 29 01:10:32 2011 +0100 +++ b/src/lib-sieve/plugins/editheader/cmd-addheader.c Tue Nov 29 22:21:13 2011 +0100 @@ -114,8 +114,8 @@ if ( ext_editheader_header_is_protected(cmd->ext, str_c(fname)) ) { sieve_argument_validate_warning(valdtr, arg, "addheader command: " - "specified header field `%s' is protected " - "(modification will be denied)", str_sanitize(str_c(fname), 80)); + "specified header field `%s' is protected; " + "modification will be denied", str_sanitize(str_c(fname), 80)); } } @@ -136,11 +136,18 @@ if ( !rfc2822_header_field_body_verify (str_c(fvalue), str_len(fvalue), TRUE, TRUE) ) { - sieve_argument_validate_error - (valdtr, arg, "addheader command: specified value `%s' is invalid", - str_sanitize(str_c(fvalue), 80)); + sieve_argument_validate_error(valdtr, arg, + "addheader command: specified value `%s' is invalid", + str_sanitize(str_c(fvalue), 80)); return FALSE; } + + if ( ext_editheader_header_too_large(cmd->ext, str_len(fvalue)) ) { + sieve_argument_validate_error(valdtr, arg, "addheader command: " + "specified header value `%s' is too large (%"PRIuSIZE_T" bytes)", + str_sanitize(str_c(fvalue), 80), str_len(fvalue)); + return SIEVE_EXEC_FAILURE; + } } return TRUE; @@ -269,7 +276,7 @@ if ( ext_editheader_header_is_protected(this_ext, str_c(field_name)) ) { sieve_runtime_warning(renv, NULL, "addheader action: " - "specified header field `%s' is protected (modification denied)", + "specified header field `%s' is protected; modification denied", str_sanitize(str_c(field_name), 80)); return SIEVE_EXEC_OK; } @@ -282,6 +289,13 @@ return SIEVE_EXEC_FAILURE; } + if ( ext_editheader_header_too_large(this_ext, str_len(value)) ) { + sieve_runtime_error(renv, NULL, "addheader action: " + "specified header value `%s' is too large (%"PRIuSIZE_T" bytes)", + str_sanitize(str_c(value), 80), str_len(value)); + return SIEVE_EXEC_FAILURE; + } + /* * Perform operation */ diff -r 3cacf01fbbab -r 00c5cd8ca1d2 src/lib-sieve/plugins/editheader/cmd-deleteheader.c --- a/src/lib-sieve/plugins/editheader/cmd-deleteheader.c Tue Nov 29 01:10:32 2011 +0100 +++ b/src/lib-sieve/plugins/editheader/cmd-deleteheader.c Tue Nov 29 22:21:13 2011 +0100 @@ -261,8 +261,8 @@ if ( ext_editheader_header_is_protected(cmd->ext, str_c(fname)) ) { sieve_argument_validate_warning(valdtr, arg, "deleteheader command: " - "specified header field `%s' is protected " - "(modification will be denied)", str_sanitize(str_c(fname), 80)); + "specified header field `%s' is protected; " + "modification will be denied", str_sanitize(str_c(fname), 80)); } } @@ -446,7 +446,7 @@ if ( ext_editheader_header_is_protected(this_ext, str_c(field_name)) ) { sieve_runtime_warning(renv, NULL, "deleteheader action: " - "specified header field `%s' is protected (modification denied)", + "specified header field `%s' is protected; modification denied", str_sanitize(str_c(field_name), 80)); return SIEVE_EXEC_OK; } diff -r 3cacf01fbbab -r 00c5cd8ca1d2 src/lib-sieve/plugins/editheader/ext-editheader-common.c --- a/src/lib-sieve/plugins/editheader/ext-editheader-common.c Tue Nov 29 01:10:32 2011 +0100 +++ b/src/lib-sieve/plugins/editheader/ext-editheader-common.c Tue Nov 29 22:21:13 2011 +0100 @@ -12,6 +12,7 @@ #include "sieve-settings.h" #include "sieve-extensions.h" +#include "ext-editheader-limits.h" #include "ext-editheader-common.h" /* @@ -29,6 +30,8 @@ pool_t pool; ARRAY_DEFINE(headers, struct ext_editheader_header); + + size_t max_header_size; }; static struct ext_editheader_header *ext_editheader_config_header_find @@ -53,6 +56,7 @@ (struct ext_editheader_config *) *context; struct sieve_instance *svinst = ext->svinst; const char *protected; + size_t max_header_size; pool_t pool; if ( *context != NULL ) { @@ -64,6 +68,7 @@ pool = pool_alloconly_create("editheader_config", 512); ext_config = p_new(pool, struct ext_editheader_config, 1); ext_config->pool = pool; + ext_config->max_header_size = EXT_EDITHEADER_DEFAULT_MAX_HEADER_SIZE; p_array_init(&ext_config->headers, pool, 16); @@ -92,6 +97,19 @@ headers++; } } + + if ( sieve_setting_get_size_value + (svinst, "sieve_editheader_max_header_size", &max_header_size) ) { + if ( max_header_size < EXT_EDITHEADER_MINIMUM_MAX_HEADER_SIZE ) { + sieve_sys_warning(svinst, + "editheader: value of sieve_editheader_max_header_size setting " + "(=%"PRIuSIZE_T") is less than the minimum (=%"PRIuSIZE_T") " + "(ignored)", max_header_size, + (size_t) EXT_EDITHEADER_MINIMUM_MAX_HEADER_SIZE); + } else { + ext_config->max_header_size = max_header_size; + } + } } T_END; *context = (void *) ext_config; @@ -133,3 +151,17 @@ return header->protected; } + +/* + * Limits + */ + +bool ext_editheader_header_too_large +(const struct sieve_extension *ext, size_t size) +{ + struct ext_editheader_config *ext_config = + (struct ext_editheader_config *) ext->context; + + return size > ext_config->max_header_size; +} + diff -r 3cacf01fbbab -r 00c5cd8ca1d2 src/lib-sieve/plugins/editheader/ext-editheader-common.h --- a/src/lib-sieve/plugins/editheader/ext-editheader-common.h Tue Nov 29 01:10:32 2011 +0100 +++ b/src/lib-sieve/plugins/editheader/ext-editheader-common.h Tue Nov 29 22:21:13 2011 +0100 @@ -40,4 +40,11 @@ bool ext_editheader_header_is_protected (const struct sieve_extension *ext, const char *header); +/* + * Limits + */ + +bool ext_editheader_header_too_large + (const struct sieve_extension *ext, size_t size); + #endif /* __EXT_EDITHEADER_COMMON_H */ diff -r 3cacf01fbbab -r 00c5cd8ca1d2 src/lib-sieve/plugins/editheader/ext-editheader-limits.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/lib-sieve/plugins/editheader/ext-editheader-limits.h Tue Nov 29 22:21:13 2011 +0100 @@ -0,0 +1,10 @@ +/* Copyright (c) 2002-2011 Pigeonhole authors, see the included COPYING file + */ + +#ifndef __EXT_EDITHEADER_LIMITS_H +#define __EXT_EDITHEADER_LIMITS_H + +#define EXT_EDITHEADER_MINIMUM_MAX_HEADER_SIZE 1024 +#define EXT_EDITHEADER_DEFAULT_MAX_HEADER_SIZE 2048 + +#endif /* __EXT_EDITHEADER_LIMITS_H */ diff -r 3cacf01fbbab -r 00c5cd8ca1d2 tests/extensions/editheader/errors.svtest --- a/tests/extensions/editheader/errors.svtest Tue Nov 29 01:10:32 2011 +0100 +++ b/tests/extensions/editheader/errors.svtest Tue Nov 29 22:21:13 2011 +0100 @@ -76,6 +76,64 @@ } } +/* + * TEST - Size limit + */ + +test "Size limit" { + if not test_script_compile "errors/size-limit.sieve" { + test_fail "compile should have succeeded"; + } + + test_config_set "sieve_editheader_max_header_size" "1024"; + test_config_reload :extension "editheader"; + + if test_script_compile "errors/size-limit.sieve" { + test_fail "compile should have failed"; + } + + if not test_error :count "eq" :comparator "i;ascii-numeric" "2" { + test_fail "wrong number of errors reported"; + } +} + + +/* + * TEST - Size limit at runtime + */ + +test_config_set "sieve_editheader_max_header_size" ""; +test_config_reload :extension "editheader"; + +test "Size limit at runtime" { + if not test_script_compile "errors/size-limit-runtime.sieve" { + test_fail "compile should have succeeded"; + } + + if not test_script_run { + test_fail "run failed"; + } + + test_config_set "sieve_editheader_max_header_size" "1024"; + test_config_reload :extension "editheader"; + + if not test_script_compile "errors/size-limit-runtime.sieve" { + test_fail "compile should have succeeded"; + } + + if test_script_run { + test_fail "run should have failed"; + } + + if not test_error :count "eq" :comparator "i;ascii-numeric" "1" { + test_fail "wrong number of errors reported"; + } +} + +/* + * TEST - Implicit keep at runtime error + */ + test_set "message" text: From: stephan at example.com To: tss at example.com diff -r 3cacf01fbbab -r 00c5cd8ca1d2 tests/extensions/editheader/errors/size-limit-runtime.sieve --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/extensions/editheader/errors/size-limit-runtime.sieve Tue Nov 29 22:21:13 2011 +0100 @@ -0,0 +1,46 @@ +require "editheader"; +require "variables"; + +set "blob" text: +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA From pigeonhole at rename-it.nl Tue Nov 29 23:47:23 2011 From: pigeonhole at rename-it.nl (pigeonhole at rename-it.nl) Date: Tue, 29 Nov 2011 22:47:23 +0100 Subject: dovecot-2.1-pigeonhole: lib-sieve: implementation of editheader ... Message-ID: details: http://hg.rename-it.nl/dovecot-2.1-pigeonhole/rev/b3bff60a18da changeset: 1569:b3bff60a18da user: Stephan Bosch date: Tue Nov 29 22:47:13 2011 +0100 description: lib-sieve: implementation of editheader extension completed - Updated documentation. - Made editheader extension disabled by default diffstat: INSTALL | 13 +++++- TODO | 3 +- doc/editheader.txt | 51 +++++++++++++++++++++++++ src/lib-sieve/sieve-extensions.c | 5 +- 4 files changed, 65 insertions(+), 7 deletions(-) diffs (119 lines): diff -r 00c5cd8ca1d2 -r b3bff60a18da INSTALL --- a/INSTALL Tue Nov 29 22:21:13 2011 +0100 +++ b/INSTALL Tue Nov 29 22:47:13 2011 +0100 @@ -259,6 +259,15 @@ Sieve Interpreter - Extension Configuration ------------------------------------------- +- Editheader extension: + + The editheader extension [RFC5293] enables sieve scripts to interact with + other components that consume or produce header fields by allowing the script + to delete and add header fields. + + The editheader extension requires explicit configuration and is not enabled + for use by default. Refer to doc/editheader.txt for configuration information. + - Vacation extension: The Sieve vacation extension [RFC5230] defines a mechanism to generate @@ -270,8 +279,8 @@ - Include extension: - The Sieve include extension (draft) permits users to include one Sieve script - into another. + The Sieve include extension (draft) permits users to include one Sieve script + into another. The include extension is available by default, but it has its own specific configuration options. Refer to doc/include.txt for settings specific to the diff -r 00c5cd8ca1d2 -r b3bff60a18da TODO --- a/TODO Tue Nov 29 22:21:13 2011 +0100 +++ b/TODO Tue Nov 29 22:47:13 2011 +0100 @@ -1,7 +1,6 @@ Current activities: -* Finish editheader extension - - Document extension configuration +- Parallel plugin-based efforts: diff -r 00c5cd8ca1d2 -r b3bff60a18da doc/editheader.txt --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/doc/editheader.txt Tue Nov 29 22:47:13 2011 +0100 @@ -0,0 +1,51 @@ +Editheader Extension + +Relevant specifications +======================= + + RFC5293 - doc/rfc/editheader.rfc5293.txt + +Description +=========== + +The editheader extension [RFC5293] enables sieve scripts to interact with other +components that consume or produce header fields by allowing the script to +delete and add header fields. + +Configuration +============= + +The editheader is not available by default and needs to be enabled explicitly by +adding it to the sieve_extensions setting. + +The following settings can be configured for the editheader extension (default +values are indicated): + +sieve_editheader_max_header_size = 2048 + The maximum size in bytes of a header field value passed to the addheader + command. The minumum value for this setting is 1024 bytes. The value is in + bytes, unless followed by a k(ilo). + +sieve_editheader_protected = + A space-separated list of headers that cannot be added to nor removed from the + message header. The `Received:' and `Auto-Submitted:' fields are always + protected and the `Subject:' header cannot be protected, as required by the + RFC specificiation; adding one of these headers to this setting has no effect. + +Invalid values for the settings above will make the Sieve interpreter log +a warning and revert to the default values. + +Example +======= + +plugin { + # Use editheader + sieve_extensions = +editheader + + # Header fiels must not exceed one 1k + sieve_editheader_max_header_size = 1k + + # Protect special header + sieve_editheader_protected = X-Verified +} + diff -r 00c5cd8ca1d2 -r b3bff60a18da src/lib-sieve/sieve-extensions.c --- a/src/lib-sieve/sieve-extensions.c Tue Nov 29 22:21:13 2011 +0100 +++ b/src/lib-sieve/sieve-extensions.c Tue Nov 29 22:47:13 2011 +0100 @@ -135,7 +135,6 @@ ©_extension, &include_extension, &body_extension, &variables_extension, &enotify_extension, &environment_extension, &mailbox_extension, &date_extension, &ihave_extension, - &editheader_extension }; const unsigned int sieve_core_extensions_count = @@ -147,8 +146,8 @@ */ const struct sieve_extension_def *sieve_extra_extensions[] = { - &vacation_seconds_extension, - &spamtest_extension, &spamtestplus_extension, &virustest_extension, + &vacation_seconds_extension, &spamtest_extension, &spamtestplus_extension, + &virustest_extension, &editheader_extension, /* vnd.dovecot. */ &debug_extension From dovecot at dovecot.org Wed Nov 30 18:49:04 2011 From: dovecot at dovecot.org (dovecot at dovecot.org) Date: Wed, 30 Nov 2011 18:49:04 +0200 Subject: dovecot-2.1: auth: Mention auth_worker_max_count in warning mess... Message-ID: details: http://hg.dovecot.org/dovecot-2.1/rev/9fa7c1b2c2ee changeset: 13787:9fa7c1b2c2ee user: Timo Sirainen date: Wed Nov 30 18:48:44 2011 +0200 description: auth: Mention auth_worker_max_count in warning message about worker queue being slow. diffstat: src/auth/auth-worker-server.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diffs (13 lines): diff -r 1753a762b56f -r 9fa7c1b2c2ee src/auth/auth-worker-server.c --- a/src/auth/auth-worker-server.c Fri Nov 25 04:25:09 2011 +0200 +++ b/src/auth/auth-worker-server.c Wed Nov 30 18:48:44 2011 +0200 @@ -83,7 +83,8 @@ AUTH_WORKER_DELAY_WARN_MIN_INTERVAL_SECS) { auth_worker_last_warn = ioloop_time; i_warning("auth workers: Auth request was queued for %d " - "seconds, %d left in queue", + "seconds, %d left in queue " + "(see auth_worker_max_count)", (int)(ioloop_time - request->created), aqueue_count(worker_request_queue)); }